Being born in the 90’s I am “classified” as a millennial, part of “Generation Y” and fully immersed in the world of technology. The majority of people born after 1990 have grown up with computers and the internet. Most of our online experiences started with the reward of being able to play Neopets or Pokémon on our parents’ work computers, and have evolved into devoting hours every day to YouTube, Twitter and Facebook. I am well versed in the art of quickly replying to a text while browsing through multiple websites and watching TV. That being said, sometimes my multitasking leads to mistakes; there have been a fair number of times when I have accidentally sent the wrong information to the wrong people.
Archive for the ‘Email Security’ Category
When I speak to CISOs about the future of the mobile workforce, I am reminded of Gandalf from The Fellowship of the Ring: “Keep it simple. Keep it safe.”
Ok, that is not an exact quote from J.R.R. Tolkien, but the similarities are striking. The earnestness with which IT and security professionals implore that business apps be both secure and easy to use accentuates the gravity of the situation they face. The data wraiths and thieves are constantly on their heels. With mobile devices, the physical loss of the device—and the data it contains—is a new threat. And even if the device remains firmly in the clutches of the user, the data may not. There are a multitude of mobile apps that make it easy to share and over-share data. If workers find the corporate app to be too difficult to use or it hinders their workflow, they are likely to turn to unapproved alternatives.
Marshall McLuhan coined the phrase “the medium is the message” in writing about the social impact of technology. While we are watching the content, we miss the transformative impact the medium has on our lives. Just as the simple light bulb forever changed how we live and work, the Internet of Things—embedded in devices from pacemakers to home thermostats—creates a connectedness we could not have imagined just a few years ago. And it makes us simultaneously free and vulnerable.
At its most basic level, the Internet of Things (IoT) is the interconnection of devices and sensors across the Internet – machines talking to other machines about your health, a refrigerator that keeps track of its contents, and a home security system that monitors your comings and goings.
This free flow of information is both exciting and terrifying. (more…)
Mobile devices make it easy to access information from almost anywhere and to share it with just about everyone on earth. However, by their nature as small and highly portable, mobile devices are also more easily lost or stolen—and with them—the data they contain. For businesses, governments, militaries and other organizations that create and deal with sensitive information, mobile devices pose a huge security risk. While there are many solutions designed to protect data on mobile devices, what if you could delete sensitive data from the device before it is put at risk?
In light of last week’s announcement that the records of 80 million customers were stolen from healthcare insurer Anthem, it is worth noting that healthcare organizations have a particularly heavy data protection burden to bear. As the NY Times reported, Protected Health Information (PHI) is incredibly valuable. Where credit card records were selling for just 33 cents each, a patient medical record on the black market sold for $251.
Why is PHI so valuable?
Last week, 451 Research analyst Daniel Kennedy released a report which revealed that corporate data protection is the top mobile concern for security managers. How much of a concern? Forty-two percent (42%) of the security managers they spoke to cited data security as the top priority. The next highest concern was user-owned devices (BYOD) at 11%. While I am not surprise that data security is the top concern and BYOD is second, I must confess that I find the huge delta between the two concerns surprising. With BYOD such a distant second, it is apparent that security managers do not feel that company data, such as PII, PHI, PCI and intellectual property (IP), is safe even on corporate-owned devices.
So why is this? (more…)
The way we do business has changed, which has data security professionals recently speaking a lot about data-centric security. With dispersed, global workforces and the proliferation of mobile devices, it is not possible to keep all of our sensitive data behind the “castle” wall. Data today must be shared, at least some of the time, outside of the citadel of the central network. Data-centric security solutions help organizations properly manage and protect data throughout its lifecycle. If Sony Pictures Entertainment had implemented a data-centric security approach, they likely would not have suffered as severe a breach.
So what is data-centric security? One way to look at data-centric security is to consider it as “data encryption”. (more…)
As the workforce becomes more mobile, enterprises wishing to facilitate a productive mobile workforce need to ensure that their workers have access to information. This means that mobile users must download and share information that could be detrimental to the organization if it is acquired by an outside agent. Yet, almost weekly we hear of another major breach of an organization’s central security perimeter. If the central data vault can be compromised, it raises the question: how safe is your data on mobile devices?
Mobile devices share information over public networks and they make it easy for users to share information with public cloud storage services. Worse still, they are easily lost or stolen. It makes a lot of sense, then, to leverage a tool like Microsoft Rights Management Services (RMS) to encrypt your most sensitive data—especially when it is shared with mobile users.