In an effort to save costs, more and more companies are adopting mobile working strategies to enable their staff to work remotely. This means more sensitive information and critical data is leaving the premises of organisations.
J2 Software managing director John Mc Loughlin warns executives about the risks of a mobile workforce and allowing critical data outside the confines of the company's security firewall.
Every business, irrespective of its size, must know how to guard critical data on mobile computing platforms. More importantly, they must have data protection policies across multiple platforms to ensure data is protected and with minimal support costs.
As their use of mobile computing evolves, so too should their security policy. The emerging and constantly evolving world of mobile working requires a constantly monitored and adapted security policy to accompany it.
Safeguarding stored data on mobile devices by means of encryption and authentication is critical. Most companies recognise that encrypting business data is a best practice, even if it is merely to comply with government or industry regulations, maintain privacy, and shield intellectual property.
Legislation across the world mandates increasingly tough penalties, as well as requirements for public disclosure in the event of a real or suspected mishandling of personally identifiable information. Gartner believes that the cost of a data breach is always higher than the cost to invest in preventive measures.
Mc Loughlin says the data on a mobile device is much more valuable to the business than the device itself, be it a laptop or smartphone. “Laptop security is a threat that every SME should take seriously. Security should not always be left to address each threat as it reveals itself; mobile working security should be an integral consideration at each and every stage of the development of the mobile workforce and their toolset.”
Despite more security issues than ever, all competing for organisations' attention, the seemingly unstoppable rise in the use of portable storage devices in the workplace is a risk that needs urgent action.
With users being able to access the Internet, send and receive e-mail and browse the local network, often in an unstructured manner, it is more important than ever that employees are monitored and kept productive. It is essential that access to information is managed and users are accountable for their actions.
He says there is a higher possibility and probability of theft of sensitive information for profit in these difficult times. “The modern day executive has a duty to protect the organisation from these types of abuse and theft. The challenge is even greater for SMEs; limited staff and technical expertise makes them more vulnerable and easy targets.”
Mobile data theft represents an enormous intellectual and financial risk to organisations; it is estimated that the economic impact represented by data loss is between R500 to R1 500 per record, and because many incidents involve hundreds or thousands of records, the cost can quickly become astronomical.
Mc Loughlin warns that there is an inescapable trend that needs urgent attention from company executives. “The increasing threat of confidential data being removed from the network inside the organisation through the use of removable media devices such as smartphones, USB flash drives, 'plug and play' hard disks, PDAs and MP3 players.
“But what can possibly be dangerous about these devices? The threat is that they have massive storage space, enough to save an entire customer database, a company's financial records and HR files. After all, an MP3 player is just a big hard disk.”
Now consider that one of these devices can be connected to any PC on your network and used to copy hundreds, if not thousands, of sensitive files in a single minute without anyone noticing.
Mc Loughlin points to SystemSkan as a solution. “It will greatly increase the efficiency of network management and reduce the cost of administration services within the workplace.”
SystemSkan is used to identify security risks within an organisation, and provides policy enforcement tools to minimise these risks. SystemSkan assists in setting the appropriate policy and provides enforcement tools to protect company information.
It is now evident that in many organisations, an alarming gap in their approach to information security is becoming evident. The requirements of information security are evolving, based on a whole new set of emerging challenges and threats.
SystemSkan can detect program usage, file access and activity, and generate records of all network activity, including Internet use. The program provides reports in a simple, easy-to-use format. Unlike basic monitoring products, which are purely reactive (providing a report once a breach of network policy has occurred), SystemSkan provides both reactive and proactive security features.
“SystemSkan has been developed to suit the needs of IT administrators, but with a simple-to-use central console, it is friendly enough for CEOs and department IT managers to use quickly and easily. It is an essential policy enforcement tool to manage networks, knowledge workers and to protect intellectual property,” he concludes.
SystemSkan is a total user management tool, which provides business managers and IT administrators with the ability to view and record every user's actions on the computer network, including Internet and outgoing e-mail attachments. With SystemSkan, every user event is audited and can be controlled.
For more information, contact J2 Software on 0861 00 J TWO (5896) or e-mail john@jtwo.co.za.
Share
J2 Software
J2 Software is a leading South African Information Technology security company. While most organisations are now starting to realise the impact of data theft and abuse of IT resources by employees, J2 recognised the need to protect against this activity some time ago. J2 Software was born after the founders identified an opportunity in the IT market in South Africa and the rest of Africa. They saw a growing need for information security solutions that were comprehensive, simple to deploy, easy to use and good value for money. After tireless searching and investigation, J2 Software was officially launched in 2006.
Shortly after inception, the customer list of J2 Software started to grow rapidly; and this continues to be the case to this day. J2 Software has provided services and solutions to numerous renowned, forward-thinking companies with sites running in South Africa, Angola, Botswana, Kenya, Malawi, Mauritius, Mozambique, Tanzania, Uganda and Zambia.
J2 Software provides solutions and services to various organisations that have a requirement to secure their sensitive information, as well as implement, monitor and enforce internal security policies. In recent times, organisations are placing a far higher priority on the security, accountability and control of their most prized asset, their information.
Adding to this is the ever growing pressure being placed on companies and their directors to maintain the security and control of the sensitive data of their clients, as well as the necessity to conform to various local and international compliance regulations.
With the continued rise of identity theft and confidential data leakage, the need for J2's product offering is not only and advantage, but an absolute necessity.
Editorial contacts