Take the recent situation where the U.S. Government "retrieved" the laptop of an ISIS fighter from Tunisia. This device stored large amounts of employee data proprietary data that the leaders would not want their opponent to find. While this is a military/foreign policy example, it goes to the heart of the situation in corporate America. While working with a global storage company we had a situation where a senior executive lost his personal laptop, a device employee data he coincidentally used for all of his company business, a laptop where the employee never changed the default password. The information technology team had no policy in place to require employee data this executive to secure his laptop, let alone encrypt the data. When the device was lost there was no way to know what he had on it, what security he had, if any, and no idea where it was last seen.
Lack of company policy greatly exacerbates employee data the risks of how mobile devices threaten corporate data. There are substantial challenges presented herein. The good news, technology and service providers exist to assist businesses overcome these issues. Whether utilizing consultants for policy review/creation or implementing employee data mobile device management (MDM) software, companies have means to acquire assistance. Organizations should ensure they have policies, process, procedure, and education in place; all of these actions will employee data substantially reduce the risk of data loss through mobile devices. Corporate leadership must take ownership for the growing security risk inherent with mobile devices.
It makes sense to permit employees to use employee data their own equipment as there are substantial productivity and efficiency enhancements with this model, not to mention cost savings as employees no longer need multiple devices to accomplish the same feat. As with all security concerns we have a tradeoff between security and efficiency, business employee data leaders must acknowledge this fact and take action to protect their corporate data when mobile devices are involved. In previous posts I focused on cross-platform development using HTML5 to assure rich mobile user experience and holistic unified security analytics as a big data project. Between employee data development and analysis, mobile security should focus on data not devices.