Multiple levels of security needed amid mobile boom
The "consumerization of IT" is a phrase frequently heard in the enterprise sector. Essentially, it describes the use of consumer technology, such as social networks, smartphones and tablet computers, in the workplace. The practice has several advantages -- most notably allowing employees to use tools with which they are most comfortable -- but it also introduces new challenges for the IT department.
Consumer-focused devices like tablets and smartphones, as well as employee-owned laptop PCs, can be especially taxing on an IT department's security practices. These mobile devices enable workers to access their documents and applications from virtually anywhere. While this has obvious advantages in terms of productivity, it can be difficult for a company to know exactly which devices are accessing its network and what information is being viewed.
Mobile Device Management
Many companies are investing in mobile device management (MDM) solutions to mitigate mobile security risks. These solutions can be hugely beneficial, as they enable the company to monitor certain activities on its network, and don’t necessarily require new software to be loaded to an employee's personally owned devices.
MDM is not a catch-all in terms of security, however. Though the practice can be a great tool for controlling smartphone and tablet use, it doesn't protect the data these devices access. Instead, businesses need to implement multiple levels of security to ensure that information stored on their networks -- as well as in public cloud environments -- is adequately protected.
Encryption is another useful practice for protecting sensitive corporate data. Unlike MDM, encryption focuses on the data itself rather than the endpoint. This has become a necessity in an era in which employees expect to access company data and applications from anywhere at any time.
Encrypting data ensures documents and other files are protected no matter where they reside, whether it's on a computer, a tablet, a thumb drive or in the cloud.
According to a February 2012 report from technology news provider InformationWeek, more than 91 percent of companies use encryption in some capacity. A survey of more than 500 IT professionals finds that 47 percent of respondents have made mobile device encryption a priority amid the smartphone and tablet boom.
However, as the report points out, there are some challenges with encryption. Namely, many legacy security systems do not support its use. This means companies that rely on potentially outdated technologies will have a hard time deploying this more modern solution.
The next phase of security that a company may consider is on the network level. In the age of mobile devices, most companies now support WiFi networks within the office. This provides clear flexibility benefits, but a WiFi network can also be difficult to protect.
Once individuals break into a company's WiFi network, they are free to come and go as they please, poking around in sensitive data and systems. Intrusion prevention technology is perhaps the most effective solution when it comes to guarding a company's wireless network, as it stops a breach at the source, preventing hackers or other ne'er-do-wells from gaining access in the first place.
No one data security solution can guarantee protection, and there are numerous others -- such as antivirus software and firewalls -- that can further improve a company's ability to safeguard its IT systems. As mobile devices continue to become more prevalent in the enterprise sector, it is clear that companies must adjust their security policies in order to stay safe.