Guest post by Michael Ginsberg, CEO, Echoworx,a leading provider of managed encryption services to protect confidential information from unauthorized viewers and make the encryption of digital information easy.
There has been a landslide of incidents that have brought to light the issue of protecting information exchange in recent months - especially when it comes to email correspondence.
A sizeable portion of emails contains confidential information relating to employees, customers or company activities. Not only does this present risk from a compliance standpoint, leaking sensitive information to the outside world can erupt into a PR nightmare, leading to lost revenues and a damaged reputation. While for the most part these lapses may be inadvertent, the aftermath can be devastating.
Surprisingly, many aspects of email continue to be unmonitored and documentation is exchanged without thought to who can access that information and for what purpose.
Forrester in fact reports that email ranks only second to portable storage as a source of data leakage. While organizations have been diligent about addressing the obvious privacy issues – such as personal health information or financial details – it is becoming increasingly evident that information leakage is still happening more often than it should. And unfortunately, it’s happening through one of the most common forms of business communications available.
One way to alleviate the security burden is encrypted mail, where sensitive emails can be encrypted directly from the employees desktop.
With the desktops now taken care of IT has more challenges to tackle with the explosion of smartphones onto the market, as employees are embracing BYOD (bring your own device) and are using their smartphones for business correspondence and other sensitive communications. Due to the variety of devices and platforms, IT is unable to monitor these mobile communications.
This was not a concern when mobile phones were primarily used for voice and personal communications. Now however, business users are turning to their smartphones to text, e-mail, and forward files—all activities that used to be managed by desktop functions where security and authentication processes are well in hand.
This is reminiscent of the early days of wireless networks, when staff took to installing their own routers. This rogue activity undermines the traditional centralized IT management approach. If an iPad or BlackBerry is stolen for example, there’s very little an IT manager can do to safeguard that information. On top of that, credential management for mobile communications is minimal—or in some cases non-existent.
The issue definitely began taking centre stage when the iPhone and Android devices came into the picture. Android especially brings an added risk to the equation, since applications can be downloaded from any location, rather than a centrally managed app store.
At this point in time, it’s safe to assume that every phone is potentially a business device and therefore a danger to security and information integrity.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.