The problem with most mobile content management (MCM) and security solutions is that they focus on protecting the device, not the data.
Here’s why this paradigm is critically flawed: The devices we use are always going to change. Personal digital assistants gave way to BlackBerrys, which gave way to smartphones. Now there are tablets, Google Glass and smart-watches to consider, on top of whatever trend emerges next.
With devices changing so often, trying to protect the device is futile. The key to improving security is to protect the data on the device.
Mobile technology brings its own share of threats and challenges to securing company files. In recent years we’ve seen a surge in data loss through mobile devices.
The productivity and convenience mobile devices provide for the workforce, plus the growth in enterprises embracing bring-your-own-device (BYOD), means there’s a good chance that critical company data is going to reside on a mobile device.
But mobile devices are, by nature, easier to lose than a non-portable device, such as a desktop computer or a file server. Many data loss scenarios are a result of mobile devices being lost or stolen. For instance, a 2005 worldwide study found that tens of thousands of mobile devices were left behind in taxicabs. Imagine how many of those devices contained sensitive data. Given the proliferation of mobile devices in the last decade, the number of mobile devices lost has certainly increased.
Also consider that as BYOD continues to expand into workplaces around the world, there is inevitably going to be situations where enterprise data is stored on an employee’s personal device.
In the past, separating personal and business data was as simple as issuing a company computer and phone. But the cost of maintaining those devices and eventually replacing them is high. Plus, especially when it comes to mobile phones, most people don’t want to carry around more than one device.
Consequently, as employees demand remote access to company files via mobile devices and the definition of the traditional workplace and traditional working hours continues to erode, BYOD security must become part of the conversation.
In the event that a personal smartphone containing company data is lost, don’t let an inadequate mobile content management strategy lead to legal trouble.
Many data loss prevention (DLP) products on the market today tout features like remote device wipe or locking that are supposed to make enterprise file security a reality of the mobile world. But if they all worked as well as they’re meant to, you probably wouldn’t be reading this.
If you remotely wipe company data from an employee’s personal smartphone and personal data is deleted in the process, it’s going to create a lot of unnecessary tension. Look for an enterprise file security system that containerizes data so that when a device is lost or an employee leaves the company, you’re able to remotely wipe enterprise data without affecting other data on the device.
To put it bluntly, if your enterprise file security strategy does not include a comprehensive plan for securing files on mobile devices, it’s a sign that you need to step up your game or look for a new job.