Controlling data risk in the BYOD onslaught
The BYOD era is in full swing, posing a higher level of data security risk to enterprises. CIOs are faced with balancing the need for mobility with the need to protect data
Data protection has always been a challenge, even when data flow was, more or less, confined to a closed network system. Now, we have the BYOD (Bring Your Own Device) era in which your employees and contractors basically feel they should be able to use whatever device they want to create information, share it and retrieve it at will. It makes previous risk mitigation issues look relatively simple.
The challenge and potential for risk will only increase. IDC forecasted that by 2017, the number of global workers bringing their own smart phones to work will reach 328 million, up from the estimated 175 million workers doing so in 2014. Company-purchased smart phones are also on the rise, with an anticipated 88 million in use by 2017, up from an estimated 69 million in 2014.
Tablets, too, are on a fast trajectory. Forrester Research reports that by 2017, nearly one in five tablet purchases will be made directly by companies. That equates to roughly 68 million tablets flooding the workplace. The numbers tell the story: BYOD and the flexibility it gives our highly mobile workers is here to stay. Happy as employees may be to use mobile devices, it presents an enormous challenge to CIOs who must set new standards and policies across the enterprise to protect data and mitigate risk.
CIOs are working with their IT teams to put into place systems, rules and technology that will allow workers the computing freedom they desire, at the same time ensuring data is safe, retrievable and to the best possible extent, risk free. Below are five areas that CIOs and IT managers need to be watchful about when deciding the best data management and protection solution:
Enabling file synchronization
Enterprises view BYOD as a way to increase productivity, and that means enabling work to continue without delay across the different devices used by employees. They need a file synchronization solution that meets data security objectives while enabling data access, whether the data was created at an office desktop, or on a laptop at a different location. While employees send files to the cloud or put them on USB drives, assumedly to work on later at home, often they may not be able to return to the file and wind up working on it again, back at the desktop or laptop. This creates risk because business data now resides in a potentially unsecured location and different versions of the files exist in different locations. It’s critical to managing risk to be able to pull different data sources into a single pool of protection, management and access.
Efficiently protecting data
As employees use as many as three devices a day, data governance takes on more complexity. Even less sensitive data needs to be governed as files move across devices, and outside the enterprise, to suppliers and customers. It is important to have a solution that helps to prevent data loss by enabling efficient, rapid and transparent backup for business-critical data on laptops and desktops through deduplication, opportunistic scheduling, bandwidth throttling, flexible policy definition, and the intelligence to run a backup only if a file has changed.
Easily accessing files while mobile
Employees will no doubt expect the same quick access to files while using a mobile device as they have from their laptop or desktop. The solution needs to be able to deliver data portability and self-service access to a secure, personal data cloud so that they are able to access their files from virtually anywhere, at any time, and also protect files from their tablet or phones.
It’s also necessary to be able to access and retrieve documents that have legal and compliance relevance, regardless of where they reside, without having to spend a lot of resources retrieving laptops from far flung locations. The solution needs to have simplified administration and the ability to rapidly find key documents. Chief Legal Officers (CLOs) will thus be able to create legal holds and choose the best strategy earlier in the audit or litigation process.
Dealing with data on lost or stolen endpoints
Data breaches are becoming more prevalent these days. Employees’ increasing mobility only adds more probability to these types of incidences. One of the major enterprise concerns is the incidence of lost or stolen laptops. File encryption is essential to preventing unauthorized access that can occur. Remote wipe can be used to delete files and geo-location is a valuable tool in tracking lost laptops. Techniques like IP address logging can be used to identify where a laptop or desktop is located to determine if it has been lost or to help recover it.The solution needs to allow administrators to set policies that define granular encryption rules down to the file level.
BYOD’S next frontier
Like it or not, CIOs and IT teams are going to face even more complex challenges as the mobility and BYOD trends continue to accelerate. To further minimize data loss and breach risk, CIOs are looking at new ideas such as ‘geo-fencing’ in which an employee can only access certain data within a specified physical distance from a secure building.
It is a critical time in BYOD’s evolution as executives are examining ways to advance data protection solutions that work in a mobile environment.
Nizar Elfarra, is Pre Sales Director, CommVault.