Why mobile security needs a ‘follow me’’ policy

This year, eMarketer predicts that there will be over 1.91 billion smartphone users across the globe, a figure that will increase another 12.6% to near 2.16 billion in 2016. This equates to more than a quarter of the global population having the latest iPhone or Galaxy in their pocket, and a whopping two in three in the UK.

Businesses initially encouraged the use of mobile phones in the workplace, down to a matter of timing as anything else. The growth in employee-owned devices dovetailed with the global financial crisis. Businesses looking to reduce their overall capex costs therefore encouraged the trend as the cost of purchase, replacement and general day-to-day management of hardware became the responsibility of the owner.

Research by Kaspersky Lab backs this up, showing that two-thirds (62%) of business owners and employees now use personal mobile devices for work. Bring your own device (BYOD) is no longer a developing trend, but a widely accepted business practice for companies of all sizes.

>See also: How to tackle the 7 mobile app security deadly sins

SMBs slow to understand the risks

However, the portability of smartphones, tablets and laptops also introduces additional security risks as they sit outside the traditional security perimeter. They can easily be lost or stolen and that can result in unauthorised users gaining access to the corporate network.

Attitudes towards protecting the information security of these devices often leave much to be desired. In a consumer security risks survey Kaspersky recently undertook, 92% of respondents said that they keep sensitive corporative data on smartphones and tablets which they use for both work and personal activities. Whilst six in ten (60%) employees were concerned about the threat of surveillance and information theft via mobile devices, they were still slow to actively protect themselves and relied on their employers to do so.

Yet, employers themselves, especially SMBs, often don’t see the risks. A third (32%) of the SMBs surveyed saw absolutely no danger to their business in staff using personal mobile devices for work. The risk of data theft from an employee’s mobile device is not a pressing concern for them, so they do not pay much attention to it.

Follow-me security

Despite this misconception, it is no longer possible for IT departments to just defend the traditional network perimeter. Instead, they must apply a security 'wrapper' around every employee with a security solution that sits on every individual endpoint device so that security moves with the user.

By implementing such a 'follow-me’ security policy, business and personal data is secure on all devices to avoid the risk of data falling into the wrong hands should a device be lost or stolen.

>See also: Cyber security guide to the 10 most disruptive enterprise technologies

It is essential that employers understand the risks involved with collaborating with mobile devices and communicate this effectively with employees. Human intervention can be the chink in the armour so businesses should increase awareness amongst their staff.

They also need to put in place robust security processes to reduce the risk of any data breaches or leaks occurring. This means deploying anti-malware solutions, controlling the applications that employees have access to, and also being able to block access to, and where necessary, erase sensitive data stored on a lost device.

 

Sourced from Kirill Slavin, managing director, Kaspersky Lab

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics

Data