Did you know that as smartphone use increases in a particular industry, the number of data breaches rise as well? Enterprises want their employees to use mobile devices, but the data security concerns can be overwhelming. How do enterprise IT departments enable secure mobile productivity amongst their workers?
View The Effects of Mobile on the Enterprise to learn more.
Guest Blog Post By: Ryan Fahey an Information Security Professional who is currently a security researcher at the Infosec Institute.
Mobile users be warned: the malicious malware attacks once focused exclusively on PCs have been redirected at mobile devices. From loopholes in operating systems, to poor mobile app coding, to an uptick in malware attacks, we’re seeing users fall prey to a variety of security issues. While the risks seem to be growing by the moment, here are the eight most common concerns right now:
1. Where did I leave my phone?: Lookout Labs estimated that a mobile phone was lost in the U.S. every 3.5 seconds in 2011 – and that nearly all who found lost devices tried to access the information on the phone. Now, I hope the “access” was an attempt to determine the owner, but who knows? Even temporarily misplacing a phone can put sensitive data at risk as you have no way of knowing who has the device and the person’s intent. Designing mobile device OS systems and applications with defenses against unauthorized users can go a long way to protecting individuals’ data.
2. Securing files at rest: Encrypting files on mobile devices is a must. After all, who wants sensitive corporate data to end up in the wrong hands? Without the proper encryption, not only are personal documents up for grabs, but also passwords to bank apps, credit card apps, and even business apps. By encrypting sensitive data, one ensures would-be thieves gain a whole lot of nothing.
3. Browsers beware: Mobile users love to browse the web on the go, but did you know this activity opens up phones to serious security risks? The problem is that users cannot see the full URL or link, much less verify whether the link or URL is safe. That means that users could easily browse their way into a phishing-related attack.
4. Update, update, update: People have a tendency to point fingers at mobile device vendors when it comes to security mishaps, but they aren’t always to blame. Updates and patches designed to fix issues in mobile devices are not quite as cut and dry as with PCs. O/S vendors for mobile devices often release updates and patches when users report bugs in the system, but carriers then tend to delay releases that may affect other applications.
5. Layered defenses: The sad truth is that even letting someone borrow one’s mobile device for a few minutes can pose a security risk when multifactor authentication is not implemented. Protecting devices against unauthorized access, not only protects mobile phone users but also companies offering extranet access to their network.
6. Coding that isn’t up to code: Sometimes developers make honest mistakes, inadvertently creating security vulnerabilities via poor coding efforts. Whether failing to implement encrypted channels for data transmission or proper password protection, ineffective development can lead to security weaknesses whether in PCs or mobile phones.
7. Bluetooth benefits: As easy as Bluetooth is to use, it can be just as easy for attackers to gain access to one’s phone and everything stored within. It’s fairly simple for a hacker to run a program to locate available Bluetooth connections and Bingo – they’re in. It’s important to remember to disable the Bluetooth functionality when not in use.
8. Malware on the rise: Malware in mobile devices is serious business and isn’t going away anytime soon, with 2013 projected to be far worse than 2012. Take the Android malware incident in January which impacted more than 600,000 phones, with the malware capable of upgrading itself to expand to other apps. Yet another reminder to the mobile world to only download apps from trusted sources.
For a more in-depth look at the risks outlined above and others that might impact your mobile users, check out the mobile forensics training course offered by the InfoSec Institute.
The early days of mobile access to corporate e-mail is littered with now-defunct platforms, including Danger, HandSpring, Palm and others. It was Research in Motion (RIM) that launched the first wave of true enterprise mobility. With its well-designed Blackberry handset, robust operating system and highly secure network, RIM revolutionized the space, for better or worse, turning the mundane task of checking e-mail into a must-do activity at dinner, social gatherings and any other time. Some of you may remember this as the “CrackBerry” era.
Apple heralded the second wave of mobility with the introduction of the iPhone and iPad, and the Apple App Store. While the devices themselves were never intended to be corporate workhorses, people’s love affairs with “Designed by Apple in California” has fueled an entire software development industry, churning out apps to appeal to every user’s needs or desires. As of this month, Apple is approaching 50 billion app downloads, with a run rate approaching 2.5 billion per month – and accelerating.
While the iPad has spawned an entire me-too tablet industry, the second wave has also thrown down the gauntlet to IT, forcing organizations to radically alter what they consider to be “corporate” devices. People simply cannot get enough of their app-rich devices, are not willing to leave them at the company gates.
Initial efforts to squash the BYOD revolution have given way to acceptance that these devices offer too many benefits to be excluded from the corporate roster of computers. Plus, banning them only creates another shadow technology world, where workers copy content off the corporate networks, store it in cloud file shares, and sync it back to their iPads or Android devices.
Now we are entering the third wave of mobility, the era of mobile productivity. Beyond e-mail access, beyond viewing and sharing files on an iPad, organizations are looking to enrich existing business processes and boost productivity. The benefits of a mobile workforce have already been established, and the value of the 3.5+ mobile devices that most knowledge workers carry is beyond question.
But there is an increasing recognition that existing enterprise resources and infrastructure, including SharePoint repositories and other enterprise content management systems, also offer significant benefits to the organization – the equivalent of the solid concrete foundation underpinning a new and airy corporate office. The conversation has shifted away from the polarized, philosophical questions – “Should we allow personal mobile devices?” and “How can we block access to cloud file sharing services?” – to a more inclusive, action-oriented focus: “How do we use mobile devices securely to expand the boundaries around how, when, and where employees are productive?”
Is your organization ready for this next wave of mobility?
Today’s users expect PC-like functionality from their mobile devices, including the ability to print documents. According to an October 2011 report from research firm IDC, mobile printing is the fastest growing segment in the document solutions industry and is expected to grow from 68.3 million in 2010 to 1 billion in 2015.
As the use of mobile devices in the work place increases, many employees want to simply click “print” from their tablet or smartphone and print to their normal workplace printer. Unfortunately, this option is not available on most devices.
In many companies, IT has misjudged the need for mobile printing and is now realizing that employees need to print from these devices just as they would from a laptop or desktop. IT also needs to maintain strong authentication and role-based security features, to ensure that mobile printing doesn’t create new opportunities for data breaches to occur.
The benefits of deploying a mobile printing solution that offers robust enterprise security features and maximizes the mobile productivity of your workforce are worth exploring. Organizations that enable mobile printing can accelerate field and back office processes, save time, and most importantly improve mobile productivity.
Accellion’s mobile printing solution features embedded printing technology from Ricoh. View a use case for mobile printing here.
Rama Kolappan, Mobile Director with Accellion, recently addressed the topic of Enabling Secure and Mobile Cloud Collaboration at Secure Seattle 2013 . The 3 key messages to enterprises:
1) You are not alone; mobile productivity challenges face all types of organizations.
2) The BYOD trend can do more good than harm.
3) Sharing enterprise content securely in this era of the iPad is realistic and easier than you think.
Check out the full presentation below.
Ever wonder what type of toothbrush your dentist uses at home? Or how often your trusted mechanic gets the oil changed on his/her own car? Wouldn’t it be nice to know what products and practices the experts actually rely on behind the scenes? Well, thanks to a recent article in The Guardian, we gained a glimpse into how the mobile productivity editor of TIME Magazine – Harry McCracken – stays productive while out and about on the reporting scene.
Here’s some of what we learned:
• Harry’s tablet of choice? An iPad.
• A good keyboard is key: A keyboard can transform an iPad from a media consumption device into a legitimate productivity tool. Sure, some people do just fine with on-screen typing, but for Harry, he wanted a physical keyboard to be able to see more of his writing at one time. He’s tried out a lot of models and has found his favorites are from two companies – Zagg and Logitech.
• Desktop be gone: McCracken has traded in his desktop for a laptop at the office, although you’ll usually see him on an iPad, even when at his desk. He said that he traveled with his laptop for a while as a security blanket but then realized that the iPad could support his mobile computing needs just fine.
• Skeptics are everywhere: Despite being on the cutting-edge of mobile technology, Harry’s reliance on tablets has been met with raised eyebrows. “People get very defensive when someone is taking a different approach to computing then they do. My feeling is, there is no wrong way to use computers. If you’re happy and productive, all ways are equally good.”
Are you using a tablet for your day-to-day job? If so, check out the latest news on our Secure Mobile Productivity Suite, which allows employees to easily create, edit, and share files on a mobile device without exposing sensitive business information. It’s mobile productivity at its best.
The widespread adoption of Microsoft SharePoint, including by the majority of Fortune 500 organizations, has made it a must-have tool for many information and knowledge workers. However with the increasing use of mobile devices in the workplace, employees now expect important applications, like SharePoint, to travel with them. How does IT make that happen, while also making sure that security doesn’t take a hit?
View The Case for Mobilizing SharePoint infographic to learn more.
Whether you are an organization with 50 employees or 50,000, finding a way to manage and secure employees’ mobile devices and access rights to corporate data is imperative. BYOD policies aren’t just for the big guys. If employees are bringing smartphones, tablets, or other devices into the office, then the chances are good that those same employees have plans to use (or are already using) those devices to access and send work-related files. It’s up to the organization to dictate when and how that happens.
We’re seeing a positive uptick among SMBs addressing the mobile device movement, with new research by iGR showing that 62 percent of IT managers at SMBs have an official BYOD policy in place. Yet, the same research found that 73 percent unofficially permit workers to use personal devices for work purposes.
It’s great news that so many smaller organizations have put a stake in the ground with a written BYOD policy. Hats off to you! It’s the 73 percent that are allowing employees to use devices without any official parameters that has us concerned.
Acknowledging that mobile access is a work must-have is an important first step. But, that needs to be followed with IT controls to ensure that files are being accessed only by authorized users, all mobile content is being shared securely, and that users are only turning to file sharing applications that have been thoroughly vetted by the organization.
So whether your organization has less than 50 or more than 50,000 employees, consider secure mobile file sharing an essential element of your mobile strategy, and make BYOD an official order of business.
Legal Regulator’s Board Meetings Go Mobile
New Zealand Law Society plays a very important role: acting as the regulatory authority for all lawyers across the country. To make that happen, ongoing committee, planning, and board communications and meetings are a regular part of operations. Anything that can be done to make the meetings more efficient translates to less time around the meeting table and faster decision-making.
With some meeting documentation exceeding 2,000 pages, printing hard copies for meeting participants just didn’t make sense – from either a cost or environmental perspective. The Society decided to make a change, equipping board members with iPads so that any necessary files could be shared, edited, and accessed electronically. How? Via Accellion.
“Our board meetings have taken on a whole new level of efficiency,” said Malcolm Gunn, IT Manager with New Zealand Law Society. “We upload documents to Accellion and board members download the files on their iPad using the Accellion Mobile App. They annotate the PDFs prior to meetings and then access those notes during the discussion.”
The success of using Accellion for board meetings has paved the way for use among other Society committees, legal research teams, and librarians.
Click here to read New Zealand Law Society’s full story.
Cloud-based file sharing and collaboration solutions are ripe for the picking, but what’s right for one organization might not be right for another. Accellion presented the pros and cons of various cloud computing choices at the InfoSec World 2013 Conference & Expo last month. To learn more about the top cloud considerations for file sharing and collaboration and to find out where you stand on the privacy and public cloud debate, check out this presentation entitled ”Do You Know Where Your Data Is?
© 2011 Accellion . All Rights Reserved | 1.650.485.4300 | info@accellion.com | Legal | Privacy | Blog | Sitemap | Design: r2integrated
TWITTER
FACEBOOK
LINKEDIN
YOUTUBE