How many times have you left your smartphone or tablet device on a table at a coffee shop while you went for a drink refill, or left it on a chair at the airport for a quick moment while en route to a long overdue vacation? A consumer report from a recent survey showed that smartphone theft among adult victims doubled in 2013, and it was projected that 1.4 million were lost and never recovered.
Mobile device theft is on the rise across the country and is costing consumers billions of dollars each year. Many of those devices are being used to access company data, now that more and more consumers use one device for both work and personal life. Mobile devices are targeted not only because of the resale value of the device, but also the value of the data that resides on them.
When you factor the cost of stolen company data, consumer devices in the enterprise can create a major disruption in your business. Here are five tips to help protect your organization’s data in this BYOD era:
1. Secure device access.
While OS-based device security features offer some protection, they are barely scratching the surface. A common line of defense against data theft is enforcing a password policy when a device is powered on, or automatically locking the device if left idle for a certain number of minutes. Another option is certificate-based device authentication that requires both the password and device certificate to be validated before access is granted.
2. Protect apps against malware.
Mobile app security goes beyond the anti-theft tools that we see in newer smartphones models. Tools like app wrapping enable IT to add security functions (such as requiring VPN) to both proprietary and third-party applications. The use of an enterprise app store to distribute company-approved apps also goes a long way in helping to protect apps, especially since malware uses trusted consumer apps as a launchpad to attack corporate networks.
3. Manage content sharing and storage.
Mobile devices are used as computing tools to edit, share, and store content. While organizations benefit from the boost in productivity, if left unmanaged, company data can be at risk. Content management solutions such as ‘containers’ use encrypted on-device storage plus policy-defined controls such as cut and paste restrictions to protect information from getting into the wrong hands.
4. Safeguard your network.
Cyber-criminals are continuously finding new ways to infiltrate corporate networks to steal information. Encrypted transport, network-based security controls, and network policy enforcement (such as domain whitelist and blacklist) can help guard against unauthorized access. Ongoing network behavior analysis can also shield your company from advanced and persistent threats.
5. Control who is allowed access.
A popular approach to enterprise mobile security is Mobile Workspace Management solutions (MWM). With MWM, IT administrators control permissions to determine who gets access based on their role, and they can configure security controls for containerized apps and content. In the event that a device is lost or stolen, the enterprise workspace can be easily locked and wiped remotely.
No one tactic alone can ensure complete mobile security. A multi-layered approach is the best line of defense. What is your company doing to help protect its data?