Recent research undertaken by the Department for Business, Innovation and Skills (BIS) shows that 31% of the worst security breaches in businesses during 2014 were caused by inadvertent human error – and a further 20% by staff deliberately misusing systems.
It’s a huge wake-up call, because the reality is that the day-to-day demands within any enterprise mean employees will do whatever it takes to get their jobs done, whether that’s:
- Accessing corporate data from a personal smartphone or tablet
- Accessing email and business apps outside of office hours
- Using unmanaged apps for work tasks
- Finding ways around corporate policies.
This level of behavior is now regarded so widely as being the ‘norm’ yet most organizations are not prepared for the repercussions. Such workforce behavior, unchecked, is leaving enterprises dangerously exposed:
- Instant gratification– 2 out of 5 employees move work files to personal devices and one-third move work files to cloud-based file sync and share tools. Half of employees think companies don’t enforce data protection policies/don’t take action.
- Low security–aware culture: Half of employees that lose or leave their job take IP with them; 40% plan to use it in their new jobs.
Not only is user behavior a security concern, but bad-behaving apps are increasingly threatening corporate data. Last year, Gartner reported that 75% of apps will fail basic security tests. At Symantec, our Norton Mobile Insight research uncovered that the amount of mobile malware has grown four times in the last year and popular consumer apps are often rated medium or high risk because of the level of personal and device information it has access to that could potentially exploit corporate information.
How then do enterprises protect their data at all times, so it is beyond such compromise? By keeping that data – such as email, for instance – in a separate, secured ‘wipeable’ app, rather than in consumer or native apps. With secure mobile apps, employees can be productive on the go with the ability to do these essential tasks:
Check email, manage tasks and calendar items. Separate corporate email, calendar and contacts from personal or native apps so it can be easily encrypted and managed on its own, in a single app.
Open, edit, save and collaborate on documents. Provide a file repository with secure storage for viewing, editing, and sharing corporate content, and set policies to prevent opening or copying into unmanaged apps.
Access internal websites and web applications. Use a safe internet browser that connects securely to the corporate network for quick access to internal websites and applications, without requiring a VPN.
With Symantec Mobility: Workforce Apps, companies can leverage our secure productivity apps and secure everything that’s related: data in-transit, as it goes from the corporate network to the app on the device, and between apps (block copy/paste to a non-managed app, for example), encrypting attachments and where they are stored, and enforcing passwords and two-factor authentication on the apps. Crucially, it also empowers enterprises simply to wipe each app, if the data needs to be removed.
These business apps are sleek and sophisticated, too. Symantec Work Mail, for example, recently redesigned, has a fresh UI and swipe-friendly gestures, as well as almost all the features of desktop email clients – in other words, this is a highly advanced solution that meets an enterprise’s security issues, delivering the additional capabilities their existing solutions may lack.
PROTECTION IN ACTION
Here’s a couple of real-world examples of mobile security challenges:
- The IT director needs to be able to explain to the C-level that secure apps are for the business benefit, not an IT restriction. When the CEO puts a new personal phone or gadget on his desk and wants to use it for work, the IT director needs a way to secure the corporate data, without the risk of wiping out the CEO's personal data.
- Likewise, if a manager loses his or her mobile device (or leaves the company), IT needs the ability to wipe the corporate data/apps off of the device before it can be compromised, leaving personal data untouched - which is especially relevant for BYOD usage.
Deploying managed productivity apps can help corporate IT to tackle these challenges. In a nutshell, what the Symantec Mobility Suite does is ensure your security policies are enforced without impacting mobile worker productivity.
Infographic: Security precautions to take when delivering content through mobile apps
Do you have a third-party productivity tool that you want to be secured and managed with other apps in a secure workspace? Check out the the Symantec Sealed Program which partners with over 150 third-party mobile apps to help companies meeting data security requirements.