RSA Conference 2012: Mobile Media Making Traditional Security Antiquated
Keynote speakers addressing the audience at the RSA Conference 2012 warn IT executives that with changes in how data is used and accessed through cloud computing and mobile technology, they should begin to review how they secure their information. Rather than fighting the changes in data management, IT departments should find practical ways to secure it.
According to ComputerWorld, Symantec's president and CEO, Enrique Salem, told RSA attendees they should start partnering with users to begin securing the use of social media tools and new technologies rather than shy away from their use. Infosecurity reports that Ponemon Institute released its survey results at the conference, where they reported that three-quarters of IT professionals believe the phenomenon of bring-your-own-device (BYOD) has placed their companies at risk, while only 39 percent of professionals claim to have the necessary security controls to address the potential risk of BYOD. It is this fear that Salem encourages IT department to address.
Salem told listeners at the RSA conference to throw away those long-held beliefs about data security and realize you can't always control the mobile device in this new world of information sharing. Traditional security measures won't work in the mobile environment and companies should add controls to authenticate, authorize, and audit their users' access by other means. Firewalls alone won't stop a malicious code from infecting a network, so IT departments should add controls to keep information within their network and not worry about the initial attack.
IT departments should start by training employees on the use of company security features. Fifty-nine percent of IT executives have reported their employees repeatedly disengage or avoid security features on both their corporate and personal mobile devices. Stressing the use of passwords and key locks can easily avoid breaches in network security and data loss. Many employees don't realize how quickly someone can attack company data simply through a lost cell phone or tablet without a PIN.
More than half of the Ponemon Institute survey respondents reported a loss of data due to their employees' failing to secure their mobile devices. These same respondents reported an increase in malware infections from these same unsecured devices. Tom Clair, Websense senior marketing director, advised IT personnel to make sure employees using company-provided mobile devices and BYOD users have adequate layers of security. The simple act of adding a PIN and a lock to each mobile device and making sure those devices remain locked will lessen the chances of malware attacks.
IT professionals should find more ways to lessen these risks by adding mobile security products to prevent data loss through mobile devices. With the increase in data volumes, access speeds, BYOD and social media tools over the last 10 years, risk levels have increased and will continue to increase.
This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet.