Mobile device use presents CIOs with security threats

tablet security riskTablets and smartphones are everywhere in the business world today, and that’s a double-edged sword.

On one hand, mobile technology brings tremendous gains in productivity to workers on a daily basis. Employees at large and small companies alike can use their tablets and smartphones for countless purposes. If they need to complete a small mundane task like logging hours or sick days, there’s probably an app for that, and for more complicated projects like hiring a new team of employees or drafting up an entire budget, mobile applications can help with that process as well.

Mobile applications can be valuable resources around the office, as using a tablet or smartphone is often more efficient than completing the same task on a desktop. They’re also useful for employees who work from home, enabling them to stay connected, and they come in handy for business travelers who need to keep in touch with their offices. Mobile platforms work well for those who want to share data with others, using the cloud, or who work on projects alone.

All of the above is true. But on the flip side, there’s also the question of whether employees can be trusted to use mobile devices effectively in the workplace. There are myriad dangers lurking – we live in a corporate world where bring your own device (BYOD) policies are rapidly becoming the norm, and several problems can arise when employees use their own phones and tablets at work without supervision.

Lost productivity is one of the more benign issues, in the grand scheme of things. Workers can use their iPads for completing their work each day, but they can also use them for playing Angry Birds when they’re supposed to be focusing on their jobs. This squandered time can translate to meaningful financial losses.

Other problems are far worse, though. More important is the threat of data breach – if employees use apps irresponsibly and leave their information susceptible to being poached by hackers, it can result in serious financial losses for businesses. Criminals can use their stolen information to commit fraud, plus companies must spend large amounts of time and money cleaning up the messes left behind by cyberattacks.

The expense of a data breach
According to a recent report from Symantec, user negligence and system glitches combined to cause 64 percent of the data breaches that companies experienced on mobile platforms last year. Those glitches were extremely costly – at large corporations, the total cost per data breach came out to a whopping total of $5.4 million.

Those breaches weren’t just coming from outside hackers, either. Symantec estimated, citing survey data from the Ponemon Institute, that the chances of insider threats causing data breaches rose 22 percent in 2012. People are harming companies’ mobile data from inside and out.

The firm recommended several potential solutions to this problem. One is educating employees on how to handle confidential information – that includes keeping it encrypted and password protected and not sharing it with any unauthorized workers. They also need to have contingency plans in effect just in case their tech resources fail – there should be procedures in place for recovering any lost information, notifying employees and customers and repairing tech infrastructures to keep the problem from happening again.

There’s also the matter of using effective mobile application management (MAM) techniques. By upgrading their MAM, companies can keep these problems from occurring in the first place.

Managing workers’ application use
Babysitting employees 24/7 isn’t a realistic option for companies. People are going to use their mobile devices, and there’s no other choice but to trust them to use responsibly.

What companies can do, though, is keep an eye on application use to make sure it’s safe and doesn’t needlessly put corporate data in danger. Wired recently reported on this possibility but noted that given today’s information technology landscape, it’s difficult to stay on top of potential threats. Alan Murray, senior vice president of products for Apperian, noted that new mobile devices and applications are coming out all the time, meaning that sources of data breach are always evolving.

“To help manage, monitor, and secure the next-generation of enterprise mobile apps, IT will need to incorporate dynamic policy rules that change instantly based on the behaviors of the applications,” Murray wrote. “Fortunately, mobile application management solutions are now available with this kind of flexibility baked in, alleviating IT of the need to continually monitor employee app usage themselves as updates and alerts are sent to them dynamically.”

CIOs are at a crossroads when it comes to managing their employees’ technology use – they don’t want to bar their workers from using devices that can improve their productivity, but they shouldn’t be too lax, either. A healthy balance is necessary. Tablets and smartphones are the future of business, but companies must manage their use effectively.

Marie Larsen
Marie is a writer for She has an educational background in languages and literature. She covers IT trends and executive technology management topics for the company.