Is your company data safe in the hands of your mobile workers?

[Jake Kouns <jkouns () opensecurityfoundation org>]

http://www.scmagazineuk.com/is-your-company-data-safe-in-the-hands-of-your-mobile-workers/article/177551/

Colin Woodland, VP EMEA at IronKey, outlines the issues business and
IT must face as they continue the push towards mobility. He warns that
without the right preparation, the move towards mobile workforce holds
potentially hidden and debilitating costs.

With IDC forecasting that the global mobile workforce will grow to
nearly 1.2 billion people by 2013, organisations must consider if they
can afford this change in operations.

While productivity gains outweigh capital costs, the very real costs
of data circulating outside the safe confines of the office could make
a mobile workforce much less attractive. Embarrassing data breaches,
government fines and stolen intellectual property are some of the very
real costs of a mobile workforce today.

The mobile data landscape

The move towards a truly mobile workforce is accelerating at a
blindingly fast pace.  IDC estimates that there are already over one
billion mobile workers worldwide. Laptops, netbooks and USB flash
drives allow workers to access, remove and store large amounts of data
and take it outside the relatively safe confines of your corporate
offices. There's no doubt about the productivity gains and benefits of
a mobile workforce.

But, the surprising cost of what can happen to your business data as
it leaves the office every day may dramatically outweigh the benefits
of mobility. Today, the impact of intellectual property theft and
fines levied by UK regulators can make one lost laptop or flash drive
a disaster waiting to happen. The Ponemon Institute found the average
cost of a data breach in the UK reached £1.68 million in 2009. How
many managers thought it couldn't happen to their organisation?

If business and IT leaders don't address data protection before it's
too late, a mobile workforce can be a one-way ticket to a costly and
unsightly end.

The unseen cost of a mobile workforce

Already in the UK, over 500 organisations have reported to the
Information Commissioner's Office a lost laptop, flash drive, or other
portal device since the beginning of 2007. Of course, this is just the
tip of the iceberg. Most incidents went unreported but can still come
back to haunt businesses. Between April 2008 and March this year BBC
staff reported that 146 laptops had been lost or stolen. The UK's MoD
reported losing 215 USB flash drives over the last two years. In both
cases, how many lost or stolen devices went unreported? How many get
lost in your organisations?

Unlike before, the ICO now has the power to levy £500,000 fines for
each breach. Given past history, it's not a matter of will a mobile
worker be responsible for the next breach, but when. What would your
business do if faced with a multi-million pound bill following a data
breach?

[..]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php