With a large amount of work now taking place away from the office via mobile devices, IT departments must look closely at their mobile security policies. Cell phones and tablets, once strictly for personal use, function like satellite extensions of the home base office IT infrastructure. This means they are equally vulnerable to security breaches, and require an equal level of protection. Yet, many businesses stall out for developing and enforcing mobile security. What’s the holdup?
The Mobile Security Threat
Not only are vulnerabilities in mobile security a reality, they’re on the rise. Infection levels for mobile devices increased by 17 percent in the first half of 2014, according to a malware report from Alcatel-Lucent’s Kindsight Security Labs.
Mobile security comes with a unique set of challenges. With the constant influx of new apps, new devices and operating system upgrades, keeping up with the evolution of mobile technology requires a high level of agile response.
The largest challenge in mobile security, however, may land at the feet of the users themselves.
Too Strict or Not Strict Enough?
By definition, a security policy must be stringent enough to offer protection against possible data breaches, including that which results from an inadvertent loss or misplacement of that mobile device.
A policy that’s too strict could discourage smartphone and tablet use, which reduces productivity. This is true for bring-your-own-device (BYOD) arrangements, removing the advantages of added productivity those mobile devices should offer. Unreasonable or non-user-friendly security mandates can motivate employees to avoid using protective measures rather than practice compliance.
Recent research from the Ponemon Institute indicates that employee resistance is the largest barrier to adopting an effective mobile security strategy. The next biggest obstacle is having the ability to implement and enforce a mobile device policy. In looking at these two challenges, one must weigh user resistance against the daily, practical benefits that mobile devices have on productivity.
Developing a Successful Mobile Security Strategy
The answer is to establish a mobile security policy that is innovative enough to prevent against malicious attacks, yet is not so stringent that employees end up discouraged from mobile device use (and the increased productivity they represent).
An effective mobile security strategy must go beyond sticking to a set of guidelines; this mindset did not protect Target from its massive 2013 data breach, even though the company was within compliance of PCI security standards. Instead, mobile device security must balance protection and control, providing a secure, remote operating environment that does not come at the expense of diminished employee productivity.
Written by Sofia Johnson, Manager, Software Development
Ms. Johnson, an expert in Project and Resource Management, is the Software Development Manager at iBridge. She brings 11 plus years of IT work experience and business intelligence to provide successful customer engagement of software development. Prior to working at iBridge, Johnson worked as a Senior Engineer for Hewlett Packard and Oracle, and a Hyperion Consultant for IBM and Google.
She is a product expert in enterprise contract management software solutions – diCarta/IBM Emptoris. As part of her previous engagements as a Hyperion Consultant, she made significant contributions to optimize and enhance a BI/Analytic solution for a major food, health and home retailer, LoBlaw, in Canada. She introduced performance tuning and optimization principles to the existing solution by leveraging Essbase cube partitioning techniques and re-writing some of the calculation logic to bring in significant performance improvements. Another significant engagement included automation and enhancement deliveries of a Hyperion analytical solution for a South African multinational brewing and beverage company (SABMiller) headquartered in London, England.
Ms. Johnson is a certified Essbase developer with a Master’s degree Computer Applications from Bangalore University. She has immense passion for travel, reading and working for social causes.