A recent survey from SANS offered two critical points that represented the conversational equivalent of certain catalytic chemical reactions. While neither point by itself would pose much of an issue, the combination of the two points together made for a major reaction, and one that companies turning to mobile workforce options want to watch out for.
The SANS survey revealed that over 64 percent of mobile workers can access data considered to be of high value while operating remotely. That's not such a problem by itself; after all, high-value data tends to be useful, which is where part of its value comes from. But it's the second point that really hits home: less than 25 percent of respondents said that sufficient policies and controls were in place, and when it came to mobile devices able to access all that data, an average of one in three did so on unmanaged devices. Many of these devices fell under bring your own device (BYOD) doctrines, and as such, left a great deal of sensitive corporate data exposed to a variety of different devices.
Worse, it wasn't just exposed data that proved to be a risky behavior. Malware from unmanaged devices was also a concern, with 13.6 percent of respondents suggesting such was the case; 12.6 percent of respondents called the loss or theft of corporate devices a major problem as well. To top it off, there was a shocking shortage of encryption going on with that data; for firms with between 500 and 10,000 employees, only seven percent encrypted data on USB devices. For firms with over 10,000 employees, the numbers were better, but only in comparison: those firms featured 13 percent of firms encrypting data.
This is extremely bad news for firms, especially in light of plans to enhance a mobile workforce. Thirty-two percent of surveyed firms expect at least 60 percent of the workforce to be mobile within just the next 12 months. Sixty-three percent of workers aren't using secured points of access to reach company data, but rather, standard computer hard drives.
However, there is one encouraging note to emerge from this study: 84 percent of firms noted that security is of at least high importance, with numbers varying as to whether it was merely high, extremely high, or critical.
Data has never been in the kind of danger we're seeing it in these days, and protective measures are looking a bit inadequate for the job. With high-profile data breaches from Target to Home Depot and beyond cropping up in recent months, and an ever-increasing number of employees doing a job remotely from devices that aren't really under corporate control, there's a greater need than ever to put more protective measures in place. Encrypting data, just for a start, can mean the difference between criminals getting huge amounts of data and getting huge amounts of useless files.
Edited by
Dominick Sorrentino