In a mobile world, everyone’s personal mobile device becomes a corporate device — and while taking the step to mobilize workforce apps is a major boost for productivity, it’s also a serious security threat as well.
Think that your company employees aren’t using their personal cell phones and tablets for accessing your company’s network or personal data? Think again. An IDC survey found that just 40 percent of companies say they allow their employees get corporate information via their own personal devices — but 70 percent of employees are accessing the data, no matter what IT tells them to do.
It’s easy for employees to get around company strictures about using personal devices for accessing corporate information. As Bryan Barringer points out in his SearchConsumerization blog, employees can use their work email to send business information to insecure locations, and they can save information to insecure cloud-based storage services.
So what to do?
Barringer says there are two potential solutions: better control access to important data, or use mobile device management.
Mobilize Workforce Data: Controlling Data Access and Managing Mobile DevicesThe best way to control access to confidential data for your as you mobilize workforce applications, he says, is via mobile content management, which keeps the data secure, no matter where it’s stored. That way, employees can still use their own devices to get at important data for their work, but the data itself will stay safe.
It’s important that the systems allow employees to share their own work data as well as a company’s documents. A combination of Microsoft Sharepoint plus Active Directory can do that. A variety of other solutions can also do this, Barringer says, including those from Accellion, Box, Dropbox, EMC, IBM, BigTinCan, Citrix ShareFile and Byte Squared. They encrypt sensitive data and manage it as well.
Another solution is to manage the devices themselves or the applications they access rather than just the data. There are several types of solution for this, including mobile device management (MDM) that “handle acceptable device types and mobile operating systems,” in Barringer’s words; mobile application management (MAM) for creating and managing what apps can be accessed; and mobile content management (MCM), which control what kind of corporate content can be access or stored on a mobile device, and can also control it with several levels of encryption.