Where Is Your Data?
With increases in smartphone use, risks from “prosumer” devices are on the rise.
By Julie Ask
Prosumers are a lucrative consumer segment for wireless carriers, but they also pose increasing security risks to companies, especially as the total number of smartphones increases. Less than 30 percent of companies procure and manage mobile data devices for their employees. Enterprises must balance the need for corporate security with increasing employee demand for mobility.
Wireless carriers will continue their relentless pursuit to drive adoption of mobile data devices. Prosumers represent only a handful of mobile subscribers in the United States but offer a lucrative opportunity to wireless carriers. Prosumers are more profitable than the average mobile subscriber in that they access the Internet more frequently from handheld devices; they pay a premium for their cell phones; they use their cell phones more frequently; and they more often have data plans for their cell phones and PDAs.
Prosumers frequently use their cell phones for both work and personal purposes, however, thereby exposing their employers to potential security breaches. Cell phones become a conduit to corporate email servers. Moreover, as cell phones are increasingly outfitted with more storage, and network speeds increase, mobile subscribers are more likely to download files to their handsets, which poses another security threat if the device is stolen.
Most companies surveyed by Jupiter Research allow the use of mobile data devices in the workplace, but few companies procure, finance and manage these devices for their employees—which leaves them exposed to security risks. Only a handful of companies explicitly prohibit the use of devices, while nearly a third are indifferent in that they either don’t monitor or allow them, and do not support the use of the devices. The majority of companies do support the devices, which gives them a sense of the situation but doesn’t necessarily translate into control of the devices.
The potential problems created by mobile devices for companies will grow as smartphone sales do. Sales of smartphones will double in the next four years. Sales will be driven by lower prices points, more device options and the integration of mobile email functionality into both corporate and personal email accounts (e.g., Gmail and Yahoo!). Faster networks, synchronization capabilities and increased storage on these devices will also push the evolution of email formats on handheld devices.
IT managers can better manage their situations and avert risk by taking the following steps:
> Survey employees in an effort to inventory devices (e.g., type, operating system, service provider, usage scenario) in the environment to assess the situation. Based on this assessment, establish a policy—whether it is to allow devices or prohibit them.
> Educate employees about the potential risks that mobile data devices pose and encourage the use of passwords.
> Depending on the industry (i.e., security risks), along with the number and variety of devices in the environment, migrate toward management and even remote control of the devices with server-side solutions and over-the-air (OTA) tools. OTA will allow control of the device, including wiping it clean if it’s lost or stolen.
Enterprises must balance their needs for corporate security with increasing employee demands for mobility. Any policies or processes implemented should be “right sized” for the organization by taking into account the organization’s unique needs.