Prioritising mobile security in the workplace | #eBizWires

By Jorina van Rensburg, Managing Director of Condyn

Given the number of mobile devices employees use, companies are under pressure to manage these multiple touchpoints in the organisation more effectively. But too often, security falls by the wayside in the rush to make communication easier.

One of the most significant obstacles is knowing where to draw the line between personal and corporate use. Err on the sake of too much freedom, and the business can be viewed as afraid of infringing on the rights of employees. The flip side is also true. Placing too much control in place and the organisation is painted as Big Brother spying on the personal lives of employees.

The more personal devices are involved on the corporate network, the more difficult it becomes to manage. And then there is the small matter of ensuring that employee devices (and the multitude of platforms being used) can access the corporate network and vice versa. This can become an expensive and complex process depending on the size of the organisation.

Jorina van Rensburg

Managing change

Consideration must also be paid to how quickly mobile technologies evolve with security solutions struggling to keep up. This is especially the case when it comes to the human factor, for example data theft. With more personal devices accessing mission-critical information, decision-makers are finding it difficult to maintain an efficient (and secure) corporate perimeter.

A few years ago, social networks, cloud storage, and Internet of Things devices were not widespread. Employees did not use their own devices at work and could not easily download a large amount of data to a removable disk. Telephones were used only as a means of communication. Today, things are a bit different. Mobile phones can store a significant amount of data, access the internet, and be used for remote work. And while it would be nice to control all this activity, the employers have no right to do this as these phones are often the personal means of communication for employees.

Fortunately, the company has the right to forbid personal devices connecting to the organisational IT infrastructure and provide employees with corporate phones for business use. If devices belong to a company, special monitoring systems can be installed on them. The downside is that employees will be aware of the control and will still prefer to use their personal phones.

This is where Mobile Device Management (MDM) comes in to help regulate the use of devices in the workplace. It enables the business to monitor in real-time how mobile devices are used and what information is accessed. MDM solutions, such as those developed by SearchInform, can block unknown devices that are trying to connect to a source with confidential information. And any data stored on lost or stolen mobile devices can be erased remotely to further safeguard the organisation.

Regulatory affairs

With the South African Protection of Personal Information Act (POPIA) and the European Union General Data Protection Regulation (GDPR) looming, standards will be set regarding the rights of users (specific to data on the network).

For example, the GDPR clearly determines the limits around data usage and indicates which information is personal. More importantly, it gives users the right to have their data removed. Previously, this procedure was much more complex as there was no standard to adhere to.

But even before these and other legislative requirements, companies and countries had their own established procedures, ideas on personal data, information security, and regulations. With all these elements becoming more formalised, organisations must ensure that they comply with all these regulatory elements or face significant financial fines.

The reality is that managing mobile devices, employees’ use of data and network resources, and securing all potential entry points on corporate infrastructure, have become significantly complex. Businesses need to have the right systems, policies, and procedures in place to mitigate these threats or risk opening themselves up to malicious attacks (both internally as well as externally).

Today, most organisations allow employees to use their personal devices. But it must be remembered that these should not be viewed as data channels. Instead, the business should use them as information receivers that access data through those channels managed (and protected) by the organisation.

About SearchInform

 SearchInform has been developing information protection systems since 2005. The company’s products – DLP and Forensic Suite, SIEM and time management system – guard the business at all levels: help to prevent confidential data leakage, expose fraudsters, conduct investigations, comply with regulatory requirements and monitor the corporate activity. Gartner, the world’s leading research and advisory company, has selected DLP SearchInform to join the “Magic Quadrant for Enterprise Data Loss Prevention”.

More than 2000 organizations in 12 countries in the world have applied SearchInform products. The company has 10 representative offices in Europe, the Middle East and Latin America.

About CONDYN

Established in 1995, CONDYN is an independent company specializing exclusively in the distribution and provision of information security solutions, focusing on meeting each client’s unique requirements.

CONDYN has been serving the Africa continent with Information security solution including design, planning, integration, support and services for the past 22 years. Our clients represent all spheres of business and we pride ourselves on always finding cost effective solutions, ensuring that the latest technology is proven and tested prior to us taking it to the market.

The company’s service methodology, continually revised and improved upon, has been proven time and again, and is based on its many years of experience coupled with a well-developed service ethic.

Please contact CONDYN at +27(12) 683 8816 /[email protected] or visit our website www.condyn.net

About eBizRadio

eBizRadio is a live multi- platformed social media service providing an online forum to the business community for holding conversations on the key issues related to specific businesses as well as availing a space for cross-business collaboration in response to key issues affecting the world of business. The place to go if you want to know about business and lifestyle
Author: eBizRadio
Tags

Login

Please enter the correct answer: *