The devices we use outside the office are changing the way we work, to the point of rendering the traditional office obsolete.
Employees increasingly need to access workplace systems and data outside the office, from home or on the road. Today’s tech has helped the process along – bring-your-own-device (BYOD) policies are integrating consumer tech in the workplace, while home use of mobile devices have forced corporate IT systems to deliver the same level of intuitiveness and ease of use in office interfaces.
Today’s IT professionals must go beyond their usual skill set of protecting office-based systems, and learn to adjust to the new mobile reality without compromising overall security.
The shift to mobile is opening up new fronts in the battle to keep businesses secure:
- New threats from mobile work. Carelessly downloaded apps can gather sensitive information about the user and their wider network. And consumer tech’s piecemeal integration into office systems may open up the office network to threats beyond the reach of traditional defenses.
- Some office-based threats remain. Phishing and spoofing attacks can still fool users into giving away their passwords and logins, while spyware can be used to harvest corporate data.
- Security failures have financial and regulatory implications. As of 2020, the average data breach costs each company US$3.86 million . Recent data legislation has increased this figure, with million-dollar fines imposed on the most egregious breaches. And thanks to the increased emphasis on information governance, security is now a board-level issue: failure can cost senior executives their jobs .
Can businesses stay on top of the changing mobile threat environment, while still delivering a mobile working environment that meets users' needs?
Building a working mobile security strategy means objectively assessing organizational strengths and weaknesses, and building a people-focused approach to match. Most important of all, businesses need to continually review their security strategy: good security policies are those that develop as the business develops.