Enterprise Mobility and Data Security – Top Considerations for Financial Services Firms
This is a guest blog post written by Chandra Sekar, Director of Product Marketing for industry verticals at Zenprise Inc. – a leader in secure mobile device management and enterprise mobility solutions. He can be reached at Chandra.Sekar@Zenprise.com. You can learn more about Zenprise and enterprise mobility solutions at http://www.zenprise.com.
Powerful tablet computers and smart phones with highly usable and attractive form factors are now being used as alternative computing devices by your executives and employees alike. With the ability to deliver superior user experiences through tailor-made apps, devices like the iPad are driving significant productivity improvements. iPads are changing the way banks interact with customers, executives and field workers get up-to-the-minute market data and portfolio analyses and corporate board members receive and review confidential business information. This anytime, anywhere access to data will likely be a key component of your mobile strategy in a hypercompetitive world.
Enterprise Mobility and Data Security Concerns
However, together with BYOD trends enterprise mobility is challenging the traditional safeguards and precautions used by IT departments to secure enterprise data. Unlike locked-down PCs or tightly controlled BlackBerrys, today’s mobile devices offer greater flexibilities but also have varying levels of vulnerabilities. Once an employee or partner downloads sensitive data to his or her mobile device, IT loses control and cannot get it back. How do you protect sensitive documents, non-public financial information, M&A plans and other personally identifiable information (PII) of your clients? Or track compliance with Sarbanes-Oxley, Regulation-SP, GLBA, HIPAA, and FINRA when personal (or business-issued) iPads are being used to access corporate information?
In last week’s column – “Five steps to Deploying Mobile Device Management,” you read about best practices to address mobile device management (MDM) requirements. I suggest that mobile data leakage prevention (DLP) tools and processes should be a standard part of your bag of tricks with your MDM and mobility strategy. However, many MDM solutions do not directly address data security and instead offer basic protection like lock, wipe and selective wipe functions at the device level which only secures the proxy for the data. So, what is really needed? Let us look at the top considerations involved with addressing mobile DLP requirements.
Key Considerations for Mobile DLP:
Enterprise security is after all about the data. All of the efforts to secure your perimeter, devices and apps will not be effective if your data can be leaked. Your mobile DLP solution should let you set content- and context-aware policies on the documents (or in a more coarse-grained way on the folder or area in which the document resides) preventing users from local saving, printing, emailing, and cutting and pasting data from sensitive documents. Secure, data-agnostic document containers can let your users access presentations, documents, video, and other files from their mobile devices while preventing the data from being leaked inadvertently or intentionally. The mobile DLP solution must address the security of data at rest and data in motion by providing encryption capabilities for data on the device and the data exchanged over the air with backend infrastructure.
You mobile data management strategy can go beyond protecting your data to help drive productivity through secure document distribution capabilities. Enterprises have already standardized on document and content repositories to manage complex projects and departmental data distribution needs. The ideal mobile DLP solution should integrate with leading business applications, collaboration tools, and content repositories – for example, Microsoft SharePoint and Office 365. You should not have to deploy new infrastructure to allow users to access content from their mobile device.
Getting the most out of your enterprise mobility implementation must involve allowing teams to collaborate on data and documents by providing flexible access from the device of their choice. Users should be able to use their mobile device to edit and have these changes automatically synchronize across their PC, iPad, or smartphone. For example, users can collaborate on presentations and have every user on the project team receive mobile updates to changes in presentations.
Data Lifecycle Control:
Your data security strategy for mobile devices must include managing the lifecycle of that data. Being able to control the expiry and removal of the data from mobile devices is as important if not more than being able to control how it is accessed and stored. You should set time-based expiry of documents and selectively wipe the contents upon device loss or a user’s departure from the company. Additionally, for strict compliance needs, mobile DLP solutions should be able to initiate a wipe of all data upon a user’s violation of your company policy (e.g., wipe all files if a user jailbreaks device).
Mobile data security and user productivity do not have to be at odds with each other. You can “have your cake and eat it too” if your DLP solution offers the right capabilities to allow users to access the assets they need while allowing IT administrators to govern and protect corporate data from loss, leakage, or breach. Learn more about mobile DLP and how you can reap your mobile ROI while safeguarding your company’s most important asset – its data.