What Mobile Technology Means For Your Company’s Data Security Policy
An Explosion In Mobile Devices
The explosion of powerful mobile devices over the past few years has put them front and centre in a number of enterprises. Gartner predicts, 80 percent of businesses will support a workforce using tablets, bringing both ease and utility – but more importantly, risk. The push towards the use of mobile devices is part of a larger trend to integrate consumer devices, tools and services into business environments to better suit the needs of employers and employees alike. Additionally, widespread connectivity due in part to more corporations moving data to the cloud and the rise of the mobile worker – employees that frequently do work from a coffee shop or airport – have helped fuel this trend.
More screens displaying more corporate data in increasingly public locations causing lingering concerns over security, audit and governance. So while the mobility of workers and the use of these devices can prove helpful to corporations, there are obvious risks that need to be addressed. The IT security community has long considered the issue of visual privacy important. Passwords are typically masked as they are typed to reduce the risk of being exposed to onlookers. However, many mobile devices actually remove this long-accepted feature by briefly unmasking each character as it is typed to help users verify accuracy.
A Growing Need For Controls
The new risks posed by mobile devices highlight the need for controls to help manage and mitigate the potential exposure of sensitive and regulated information. Important questions around legally protected information such as Personal Health Information (PHI), Personally Identifiable Information (PII), and sensitive financial information need to be asked. Beyond legally protected data, marketing information, sales data, and trade secrets can be particularly at risk as workers move towards consumerisation and mobility.
The Visual Data Breach Risk Assessment Study
The recently published Visual Data Breach Risk Assessment Study – performed by People Security and commissioned by 3M – found there is a significant gap between risk and corporate policy to prevent visual data breaches. High-risk groups should be equipped with computer privacy filters to lower the chance of unwanted data exposure. The Visual Data Breach Risk Assessment Study also indicates that equipping at-risk employees with privacy filters is not enough. An experiment conducted as part of the study showed that although workers say they believe visual privacy to be important, many do not take steps to preserve visual privacy.