Regulated industries such as finance, health care, pharmaceuticals, utilities and insurance operate under strict privacy requirements, especially when storing customer data. Patient information, credit card data, bank information or any private, personal data must never leave the safe, secure zones of the corporate systems. To protect this valuable data, companies typically have stringent user polices stating that employees cannot store customer, patient or bank information on their laptops or smartphones. They also add elaborate encryption and other data protection mechanisms to prevent mobile devices - laptops, tablets and smartphones - from accessing this information.
Realistically, though, employees often need to access this business-critical data from their mobile devices. And, even with policies and secure systems in place, some careless or rushed employees may circumvent the policies and store data on their mobile devices that should not reside there. According to the 2009 study, "Cost of a Data Breach," from Ponemon Institute, 40 percent of all data breaches involved user negligence, and 36 percent of all cases in the study involved lost or stolen laptops or other mobile data-bearing devices.
Guarding Sensitive Data
Regulations that seek to protect customer and patient information, including the Gramm-Leach-Bliley Act (GLBA), Healthcare Information Portability and Accountability Act (HIPAA), Sarbanes-Oxley (SOX) and Payment Card Industry (PCI) Data Security Standard (DSS) and others from the Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Corporation (NERC) have been enacted during the last few years. To comply with these federal regulations as well as state laws - such as the Massachusetts requirement that all personal data be encrypted - organizations must create and enforce mobile security policies. Once management defines those policies, IT must train employees: Effective security starts with IT departments educating users.
Educating employees about mobile security is the most important first step a company can take. The next step is to place safeguards on mobile devices that will ensure the security of sensitive data-even when an employee ignores policies.
Do you think your customer data is safe because your IT department doesn't support mobile devices? You might be in for a surprise. Even if your company does not support smartphones or tablets, your employees are using their devices for work. In a survey conducted by Zogby International and sponsored by Sybase, 79 percent of smartphone users said they use their smartphone for work and personal functions. To secure this diverse set of approved and non-approved mobile devices, organizations need a mobile device management and security platform that has a range of robust security functions.
Smartphones and tablets are often lost or stolen, and IT needs a platform that will help them protect data that should never have been stored on the devices in the first place.
These 10 mobile security features can help keep companies in compliance:
Mobile Lockdown for Compliance
The mobile enterprise is here to stay. Smartphone and tablet use increased from 20.7 million units in 2008 to 33.7 million in 2009, according to ComScore. These mobile devices are so popular that IT departments will not be able to prevent them from entering the workplace. In a 2009 survey, Forrester Research found that 13 percent of information workers in the U.S., Canada and UK use a smartphone for work activities at least weekly, and that number is growing fast. By the end of 2012, approximately 34 percent of the global workforce will be mobile information workers.
As these numbers increase, so does the threat to sensitive, confidential data. To protect that data and remain in regulatory compliance, organizations need to develop a mobile device security policy. This policy must include a mobile device management and security solution that can secure data that might be transferred to smartphones or tablets. This kind of solution is the best way to ensure that sensitive customer information - and your business - will stay protected.