• Home

  • Documents

  • How Secure Is Your Company's Information With the Mobile-Carrying Social Employee?
2
How Secure Is Your Company's Information With the Mobile-Carrying Social Employee? Posted by Vishal Gupta on February 19, 2014 at 11:22am View Blog Over the past few months, I have had the misfortune of losing my laptop and my phone in a New York cab. Call me careless, but this complete loss of digital identities, brought me to the harsh realities of security and privacy in the new world. As I look back however, the interesting bit was the sequence in which I started to worry about things. The first thing that worried me was all the data on the laptop, I had a backup and all the data was encrypted using Seclore’s own technology so I was good on that front. Thank goodness we have a company policy for all employees to do so and I had dutifully complied! The second thing that worried me was all the data on the phone, the contacts, the texts and all the account passwords that I had fed into the various applications and the data within those apps. The last thing that worried me is loss of the devices themselves, the cost of replacement and the time delays. The sequence of these “worries” was striking and (re)conveyed what is becoming more and more obvious i.e. if the data is secured, the rest don’t matter! Paradigm shifting mobile and social collaboration technologies have created an always-connected workforce. These technologies also present, perhaps the single largest risk to personal and corporate information. An enterprise’s capability to erect “walls” around corporate boundaries has already vanished. In fact the corporate boundary (where exactly does one erect the wall?) itself has vanished. Traditional methods of providing corporate laptops and controlling everything on the laptop does not extend to the mobile world where everyone likes to make their own decisions on phones and tablets that they would like to use. Combined with this lack of control is the increasing need to control. Security concerns and an increasing societal need for privacy are forcing enterprises to implement and regulators to mandate stricter controls around data access. Industry specific regulation like HIPAA, PCI-DSS as well as generic frameworks like ISO and Sarbanes Oxley are becoming more uptight around security and privacy. Incidents like the data breaches at Target, Heartland and Sony are painful reminders of what could happen to even well defended systems. In this context, the question of, “What will it take to secure the BYOD carrying social workforce?” becomes central. Let’s look at a few options.

How Secure Is Your Company's Information With the Mobile-Carrying Social Employee?

  • Upload
    seclore

  • View
    182

  • Download
    0

Embed Size (px)

Citation preview

Page 1: How Secure Is Your Company's Information With the Mobile-Carrying Social Employee?

How Secure Is Your Company's Information With the Mobile-Carrying Social Employee?

Posted by Vishal Gupta on February 19, 2014 at 11:22am

View Blog

Over the past few months, I have had the misfortune of losing my laptop and my phone in a New

York cab. Call me careless, but this complete loss of digital identities, brought me to the harsh

realities of security and privacy in the new world. As I look back however, the interesting bit was the

sequence in which I started to worry about things. The first thing that worried me was all the data on

the laptop, I had a backup and all the data was encrypted using Seclore’s own technology so I was

good on that front.

Thank goodness we have a company policy for all employees to do so and I had dutifully complied!

The second thing that worried me was all the data on the phone, the contacts, the texts and all the

account passwords that I had fed into the various applications and the data within those apps. The

last thing that worried me is loss of the devices themselves, the cost of replacement and the time

delays. The sequence of these “worries” was striking and (re)conveyed what is becoming more and

more obvious i.e. if the data is secured, the rest don’t matter!

Paradigm shifting mobile and social collaboration technologies have created an always-connected

workforce. These technologies also present, perhaps the single largest risk to personal and corporate

information. An enterprise’s capability to erect “walls” around corporate boundaries has already

vanished. In fact the corporate boundary (where exactly does one erect the wall?) itself has

vanished. Traditional methods of providing corporate laptops and controlling everything on the

laptop does not extend to the mobile world where everyone likes to make their own decisions on

phones and tablets that they would like to use.

Combined with this lack of control is the increasing need to control. Security concerns and an

increasing societal need for privacy are forcing enterprises to implement and regulators to mandate

stricter controls around data access. Industry specific regulation like HIPAA, PCI-DSS as well as

generic frameworks like ISO and Sarbanes Oxley are becoming more uptight around security and

privacy. Incidents like the data breaches at Target, Heartland and Sony are painful reminders of what

could happen to even well defended systems.

In this context, the question of, “What will it take to secure the BYOD carrying social workforce?”

becomes central. Let’s look at a few options.

Page 2: How Secure Is Your Company's Information With the Mobile-Carrying Social Employee?

The first option is to take controls which have worked historically and embed them in every mobile

device and every social platform. Historically, we have relied on controls over transmission of

information like can I use the USB drive, can I use a personal email ID, can I share using a consumer

file sync-and-share service. All such technologies essentially rely on blocking a particular service, USB

port, Gmail, Dropbox and others, which is seen as a potential risk. Technologies exist today which

can implement the same controls on a personal mobile device. Public social collaboration platforms

however do not provide the same level of control themselves and therefore enterprises have to

either accept these risks or block the platform completely.

The second, perhaps more modern, view that is emerging is to focus on what is really important, and

that is, information. This option essentially relies on protecting the information itself and inserting a

“beacon” within the information which constantly relays its present location as well as provides

capabilities to control the information; in other words, who can use the information, what can the

person do, when and from where. This is a rather large deviation from traditional models where the

focus shifts from protecting the infrastructure like collaboration apps, devices, networks to

protecting the information.

I believe that as we move to an increasingly “borderless” world where mobile phones play a bigger

role in our work life than computers and social collaboration becomes the norm we will be left with

no choice but to protect information itself. Enterprise’s capabilities to govern devices, networks and

applications will consistently go down and the only ownership it can exercise will be over

information.

The bottom line is that information will have to be shared and decentralized but with right checks

and balances. Reputation, intellectual property, loss of public image are just some of the obvious

concerns and today we all understand a serious breach can actually paralyses the entire companies

existence. With consistent careful use of the military grade encryption technologies now readily

available to the enterprise, employers now have the power to "remote control" information even

after dissemination. Explore the right fit for your needs and make sure the compliance is 100% and

you are ready for the new world of social corporate employee.

Vishal Gupta is the founder and CEO of Seclore.

Read more: http://insights.wired.com/profiles/blogs/how-secure-is-company-information-in-the-

hands-of-smartphone#ixzz2yqT62bxn

Follow us: @Wiredinsights on Twitter | InnovationInsights on Facebook


Introduction: SSL Is used to carry application layer protocols in a secure way. SSL Is used to carry application layer protocols in a secure way. Carrying

Introduction: SSL Is used to carry application layer protocols in a secure way. SSL Is used to carry application layer protocols in a secure way. Carrying

Documents
Company's Act 1956

Company's Act 1956

Education
Company's profile (virgin)

Company's profile (virgin)

Small Business & Entrepreneurship
Company's Ethical

Company's Ethical

Documents
company's circumstances

company's circumstances

Documents
How secure is your company's information?

How secure is your company's information?

Data & Analytics
Boost Your Company's Brainpower

Boost Your Company's Brainpower

Technology
5i Solutions Inc Manage & Secure Your Company's Data

5i Solutions Inc Manage & Secure Your Company's Data

Data & Analytics
NewGround: company's profile

NewGround: company's profile

Technology
F-Secure email and Server Security...4 1. Overview F-Secure Email and Server Security is designed to protect your company's mail and groupware servers and to shield the company network

F-Secure email and Server Security...4 1. Overview F-Secure Email and Server Security is designed to protect your company's mail and groupware servers and to shield the company network

Documents
Company's Act71 2008

Company's Act71 2008

Documents
Company's Profile

Company's Profile

Documents
APOl(ef) · growth of a strong UK genomics industry. The data is stored in the company's secure data centre. All data within the company's research environment is anonymised and the

APOl(ef) · growth of a strong UK genomics industry. The data is stored in the company's secure data centre. All data within the company's research environment is anonymised and the

Documents
Black Tie Company's Profile

Black Tie Company's Profile

Business
The Company's Macroenvironment

The Company's Macroenvironment

Marketing
Company's Law

Company's Law

Documents
A company's overview

A company's overview

Education
LAMSYSTEMS: Company's activities

LAMSYSTEMS: Company's activities

Documents
Design your company's name

Design your company's name

Business
ICI Company's profile

ICI Company's profile

Business
Company's First Card 1 (2) application / agreement · 1 (2) application / agreement . Invoicing information. Company's official signature and name in block letters Company's name

Company's First Card 1 (2) application / agreement · 1 (2) application / agreement . Invoicing information. Company's official signature and name in block letters Company's name

Documents
Fullah Sugah Company's Profile

Fullah Sugah Company's Profile

Retail
Increasing Your Company's Value

Increasing Your Company's Value

Economy & Finance
Telecommunication of a Secure Data in Optical Fiber · Telecommunication of a Secure Data in Optical ... electrical signal to optical ,optical fiber cable carrying the optical signal

Telecommunication of a Secure Data in Optical Fiber · Telecommunication of a Secure Data in Optical ... electrical signal to optical ,optical fiber cable carrying the optical signal

Documents
Shefali company's profile 1

Shefali company's profile 1

Documents
Best 50 Company's

Best 50 Company's

Documents
Company's List

Company's List

Documents
Company's EMS Manual

Company's EMS Manual

Documents
Company's Specializations

Company's Specializations

Documents
Company's Presentation - Oxytronic

Company's Presentation - Oxytronic

Documents