How Secure Is Your Company's Information With the Mobile-Carrying Social Employee?
Posted by Vishal Gupta on February 19, ...
The first option is to take controls which have worked historically and embed them in every mobile
device and every social...
Upcoming SlideShare
Loading in …5
×

How Secure Is Your Company's Information With the Mobile-Carrying Social Employee?

353 views

Published on

Security concerns and an increasing societal need for privacy are forcing enterprises to implement and regulators to mandate stricter controls around data access. Industry specific regulation like HIPAA, PCI-DSS as well as generic frameworks like ISO and Sarbanes Oxley are becoming more uptight around security and privacy.

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
353
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

How Secure Is Your Company's Information With the Mobile-Carrying Social Employee?

  1. 1. How Secure Is Your Company's Information With the Mobile-Carrying Social Employee? Posted by Vishal Gupta on February 19, 2014 at 11:22am View Blog Over the past few months, I have had the misfortune of losing my laptop and my phone in a New York cab. Call me careless, but this complete loss of digital identities, brought me to the harsh realities of security and privacy in the new world. As I look back however, the interesting bit was the sequence in which I started to worry about things. The first thing that worried me was all the data on the laptop, I had a backup and all the data was encrypted using Seclore’s own technology so I was good on that front. Thank goodness we have a company policy for all employees to do so and I had dutifully complied! The second thing that worried me was all the data on the phone, the contacts, the texts and all the account passwords that I had fed into the various applications and the data within those apps. The last thing that worried me is loss of the devices themselves, the cost of replacement and the time delays. The sequence of these “worries” was striking and (re)conveyed what is becoming more and more obvious i.e. if the data is secured, the rest don’t matter! Paradigm shifting mobile and social collaboration technologies have created an always-connected workforce. These technologies also present, perhaps the single largest risk to personal and corporate information. An enterprise’s capability to erect “walls” around corporate boundaries has already vanished. In fact the corporate boundary (where exactly does one erect the wall?) itself has vanished. Traditional methods of providing corporate laptops and controlling everything on the laptop does not extend to the mobile world where everyone likes to make their own decisions on phones and tablets that they would like to use. Combined with this lack of control is the increasing need to control. Security concerns and an increasing societal need for privacy are forcing enterprises to implement and regulators to mandate stricter controls around data access. Industry specific regulation like HIPAA, PCI-DSS as well as generic frameworks like ISO and Sarbanes Oxley are becoming more uptight around security and privacy. Incidents like the data breaches at Target, Heartland and Sony are painful reminders of what could happen to even well defended systems. In this context, the question of, “What will it take to secure the BYOD carrying social workforce?” becomes central. Let’s look at a few options.
  2. 2. The first option is to take controls which have worked historically and embed them in every mobile device and every social platform. Historically, we have relied on controls over transmission of information like can I use the USB drive, can I use a personal email ID, can I share using a consumer file sync-and-share service. All such technologies essentially rely on blocking a particular service, USB port, Gmail, Dropbox and others, which is seen as a potential risk. Technologies exist today which can implement the same controls on a personal mobile device. Public social collaboration platforms however do not provide the same level of control themselves and therefore enterprises have to either accept these risks or block the platform completely. The second, perhaps more modern, view that is emerging is to focus on what is really important, and that is, information. This option essentially relies on protecting the information itself and inserting a “beacon” within the information which constantly relays its present location as well as provides capabilities to control the information; in other words, who can use the information, what can the person do, when and from where. This is a rather large deviation from traditional models where the focus shifts from protecting the infrastructure like collaboration apps, devices, networks to protecting the information. I believe that as we move to an increasingly “borderless” world where mobile phones play a bigger role in our work life than computers and social collaboration becomes the norm we will be left with no choice but to protect information itself. Enterprise’s capabilities to govern devices, networks and applications will consistently go down and the only ownership it can exercise will be over information. The bottom line is that information will have to be shared and decentralized but with right checks and balances. Reputation, intellectual property, loss of public image are just some of the obvious concerns and today we all understand a serious breach can actually paralyses the entire companies existence. With consistent careful use of the military grade encryption technologies now readily available to the enterprise, employers now have the power to "remote control" information even after dissemination. Explore the right fit for your needs and make sure the compliance is 100% and you are ready for the new world of social corporate employee. Vishal Gupta is the founder and CEO of Seclore. Read more: http://insights.wired.com/profiles/blogs/how-secure-is-company-information-in-the- hands-of-smartphone#ixzz2yqT62bxn Follow us: @Wiredinsights on Twitter | InnovationInsights on Facebook

×