Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Strategy: Securing Mobile Data

Do you have a security policy governing data access via mobile devices? Unless things have improved considerably since we asked readers this question last summer, it's even odds you don't. The problem is, employees are using smartphones in their jobs, whether the security team is on board or not. In a July InformationWeek survey, 82% of smartphone owners said they use their devices to read business e-mail, 80% surfed corporate Web sites, and 61% accessed enterprise data.

And don't look to business managers to stifle this trend: 74% of users said they foot their own cellular bills, and 65% paid for the devices out of their own pockets. More productivity at little or no cost to the business. So what's not to like?

InformationWeek Reports

Plenty, actually. Mobilizing employees increases productivity, but the security risk is dramatically heightened without IT involvement. Yet just 31% of readers said corporate IT supports smartphones and PDAs. We understand the logic: When the enterprise doesn't own the devices, it can't regulate what users buy. Supporting a mishmash of systems is a nightmare. That's why for years we've advised readers to stay ahead of this trend. Those who didn't now find themselves in an untenable position. While the enterprise might not own the physical assets, it does own the data that end users are storing on them. As soon as corporate information lands on a smartphone, it becomes a business asset that needs to be secured.

chart: Are you currently using mobile apps over a wireless network to access company data?

CIOs have two options: Freeze out mobile devices by preventing installation of synchronization programs like ActiveSync, disallowing access to corporate servers from mobile devices, or lock down USB ports on corporate PCs. Of course, employees will waste time trying to circumvent these roadblocks. A better route is to put the correct mix of policies and technological enforcement in place to keep your data safe while realizing the benefits of mobility.


  • 1