Keeping Corporate Secrets

Of the hundreds of privacy breaches reported by the Privacy Rights Clearinghouse since 2005, over 60 percent were endpoint mobility losses. Still, recent research shows that nearly half of organizations have no security policies or solutions in place regarding the use and protection of data outside the organization.

Mobile devices such as laptops, personal digital assistants, smart phones, and USB flash drives are rapidly increasing in capability while also declining in price. The proliferation of small and inexpensive mass storage devices and their potential for data loss has been under the radar of most organizations until now. The prevalence of these devices in the enterprise has led to significant support issues and security risks. Additionally, the use of mobile devices can introduce viruses or worms such as the recently discovered W32/SillyFD-AA program, or “Silly worm”, which automatically spreads itself via a USB storage device connected to an infected PC, and then passes itself along to subsequent machines into which the USB drive is inserted.

Whether accidental or through malice, more than 100 million personal data records have been compromised in the past two years, at an estimated cost of $16 billion in extra paperwork, lost productivity and lost customers. The loss of sensitive data can have a devastating impact on a company’s bottom line and its reputation. Additionally, because of the individual responsibility associated with protecting data, IT professionals can also preserve their own careers by implementing and enforcing sound mobile security policies.

How does your company rate when it comes to mobile security? In this article, we will examine policies and best practices that companies are employing to protect and control access to sensitive data found on mobile devices.

The Mobile Threat

Many organizations are realizing the need to constrain or control the use of employee-owned mobile devices for work activity. While companies can benefit from the increased productivity and employee satisfaction these devices provide, they also bring with them some loss of control over corporate data flows. How can organizations reap the business benefit of mobility without the loss of control?