Sensitive data and a mobile workforce: How to make it work
Working on the run, while traveling or from home, has become the norm in today’s ever-changing work environment.
We have made great strides in mobile technology and solutions, but we still struggle to provide access to the data we need in an organised, logical and secure fashion.
There are multiple technologies and methods for meeting the needs of the mobile worker and the enterprise, but every mobile strategy will have to consider two key aspects: optimisation and security.
Optimising your information
Whether they’re in the office or connecting from afar, your employees can’t be inhibited from finding critical information quickly, easily and in the form they need.
And because optimising your information is an enterprise-wide initiative, it’s not something you achieve with a single piece of software or masterstroke of IT design. It takes a holistic look at the information critical to your business. You need to understand where the data is stored; what format it is in; how it is presented to the user; how you currently process it; and how you would ideally process it. With that understanding, you can focus on implementing the array of tools and strategies that bring those ideal processes to life.
Securing your information
Of course, the more mobile you make your information, the more critical it is to secure it and the access people have to it. How can you be sure unwelcome guests aren’t using the same routes your mobile workers use to access company information?
A personal mobile device can be lost or stolen. And your company’s IT staff can’t monitor and safeguard public computers in hotels and libraries.
Even your virtual private network (VPN) and other seemingly secure parts of your enterprise systems are not immune to attack — as this story about a compromised airport network makes clear.1 Signing in to the airport’s VPN was a two-step process, which is generally regarded as a best practice. But a combination of form-grabbing malware (which records the text you type into a form window) and screen-capture technology allowed hackers to conquer both steps, steal passwords and gain access.
So, does that mean you shouldn’t bother with multi-factor authentication? Not at all! But not all multi-factor authentication systems are created equal, and today, you need more than just a password to secure critical information. A two-factor authentication setup requires inputting something you know (e.g., a password) and something you possess. That possession may be a card that you swipe or scan, or it may be your phone or other personal device. In those cases, the system sends you a text, email or phone call, allowing you to acknowledge/verify the request to log in.
In the airport example from above, sophisticated malware was able to beat the two-factor sign-in process. For further security, then, you can look to three-factor authentication: In addition to something you know and something you possess, logging in requires something you “are” — like a biometric input, such as a fingerprint or iris scan.
Because of the variety of threats out there, it’s critical to teach users how to use remote connectivity responsibly, along with making sure mobile devices (both bring-your-own (BYOD) and enterprise-provided) have up-to-date antivirus protection. Mobile device management (MDM) solutions provide IT with comprehensive controls including, but not limited to, the ability to enforce PINs, encryption, enforce updates and distribute and secure the applications they deem necessary to every mobile device in your network. MDM and other security protocols should be covered in your data governance policy.
Maintaining the flow of information throughout an organisation is a necessity, and it encompasses more than building connections for mobile workers. What is necessary is a thorough and intelligent design of information processes throughout the enterprise — with careful attention paid to how you protect critical information in all the environments it is now free to inhabit.