From Business Security to Personal Data Theft
Concerns over data insecurity are continually evolving as the battle rages on between those looking to improve security and those looking to circumvent it.
As people rely on mobile devices and services like public Wi-Fi and cloud systems to access and store valuable information and entertainment assets, hackers are figuring out ways to crack the devices and connections to gain access to valuable info. Digital information is vulnerable in many ways, both through the device itself and its connection to the Internet.
For example, location leaking applications and deliberately malicious malware target the mobile devices, and cyber-hackers employ tactics like phishing e-mails to get you to inadvertently reveal information. They can also scan data from insecure connections with data sniffing tools to lift your personal information.
The stakes are rising in this cat-and-mouse game, which will only get higher as mobile devices flood the workplace. This trend affects both personal and enterprise settings, with the same devices increasingly being used at work and home, courtesy of the “bring your own device,” or BYOD phenomenon.
According to a new report from Juniper Research, BYOD users will more than double in the enterprise by 2014, when 350 million employees will use their own mobile devices, compared with 150 million today. As this happens, the threats and challenges will escalate and overlap between home and business, creating challenges for tech industries, enterprise IT departments and everyday people alike.
Business corporations are leading the way in circumventing attacks and are developing practices to address these issues, and their efforts can provide a blueprint for how to ensure the security of the wider population.
1. Applications
In the case of third-party apps used by employees in the workplace, enterprise IT departments are taking an interesting tack by creating their own company-wide applications.
For example, employees use Google to find information to do their jobs, but a substantial portion of business information is stored in legacy systems not conducive to search tools. Corporate-developed tools, like an internal search engine, can reduce unnecessary search results and give employees a simpler conduit to corporate information that they may not want on a larger public search engine. IT departments will continue to look for innovative ways to give users access to the most frequent corporate data to help them get up to speed with corporate culture and to empower them to do either job.
Of course, consumers can’t just develop custom apps to carry out tasks, and instead use apps from third-party developers, but business IT are grappling as well with the risk the massive influx of third-party apps bring to enterprise systems. In many cases, rather than trying to control a wide variety of applications across multiple platforms — some workers may use Apple’s OS, while others’ devices run on Blackberry, Windows or Android — enterprise is looking to secure their network instead, an approach consumers could take as well in the future.
In a way, enterprise is approaching the problem the way a person might combat flies getting into the house — not by swatting each individual insect, but by closing the window or putting up a screen. For many corporations, the focus is about securing the data and not the device.
For example Festo’s IT operations manager Steve Damadeo is using Microsoft HyperV to create an iPad environment, which allows him to secure the data and ignore the physical device.
“We’re a firm believer of secure the data and not the device,” Damadeo said in a recent ComputerWorld interview. “I don’t care if you come with an iPhone, an Android, a laptop, a netbook, a tablet or whatever. We’re interested in securing the data. If you focus on that, you can be a lot more flexible in your options.”
While the tech industry is pivoting to secure connections, individuals are still relying on app developers and sellers to ensure the apps are free of malware and bugs. Consumers will continue to rely on apps for recreation and communication and as other uses emerge, like mobile payments, the focus on security will continue to climb.
2. Tablets Replacing PCs
Tablet computing has become a top priority of Fortune 500 CIOs and will eclipse PC use by 2015, if not sooner, and their unique features are bringing special challenges to IT professionals, ranging from their place in the growing cadre of business tools to managing security.
Tablets are more than just laptops without screens or smartphones with larger screens, so it isn’t as easy as extending laptop or phone policies to these new devices. IT professionals have to consider how personal tablet devices will fit into their overall scheme and operations, and are scrambling to better understand and accommodate these devices’ unique place in businesses.
According to an ABM study, which surveyed a small sampling of corporate executive managers, 83 percent of respondents reported tablet usage is meaningful, but only 43 percent say they have the understanding and the resources to charge into tablets on their own. Savvy enterprise leaders are making sure they have a plan before rolling out the devices, by understanding what workers will use them for, providing allowances for potential app integration issues, realizing the devices’ support and security needs and moving beyond the notion that tablets are cheaper than laptops.
To maximize tablets in the workplace, enterprises need to figure out which accessories, like projectors, bar code scanners and external monitors, will spur more boarder adoption of visual communications.
Also, tablet users in the workplace are likely to expect decent coverage everywhere, not just around desks and traditional work spaces, which will have a massive effect on the size and performance of the network and could have a far more significant impact on the enterprise than either the desktop or laptop computer.
The cost of tablets is considered additive, since they don’t really offer anything that other devices can’t do already, so their adoption may be slow. Either businesses will decide to replace aging PCs with tablets, or tablets’ capabilities will outshine those of laptops prompting a large scale replacement.
These considerations are also weighing on the minds’ of consumers as they consider adding a tablet to their cadre of electronic gadgets. It is much easier for consumers to buy their own tablets than for businesses to outfit their workforces with iPads, but it still requires a level of thought when it comes to keeping their device safe.
Just like businesses, consumers are best off thinking about how they plan to use a tablet device. Consumers who use tablets for entertainment — streaming movies and books, watching YouTube videos, and video-chatting with friends can find the data to do these activities is costly. Public Wi-Fi offers a break from these often heavy data fees, but the public nature of the service raises its own security concerns and it isn’t available everywhere. These considerations are similar to those relating to laptops, but tablets’ easy portability puts a renewed emphasis for use away from home, highlighting this decision.
In this light, the consumer who determines the main use they expect from their tablet device can more easily use this information to inform their buying decision on the type of tablet, as well as whether they want to secure a connection with carrier coverage or opt for home use and public Wi-Fi.
The unique capabilities of tablets will place increasing pressure on business IT units to offer network coverage and fortify their infrastructure, something that consumers are beginning to understand, too.
3. Social Media
Social media is eclipsing other digital forms of communication like e-mail, which is becoming a legacy technology. Just like devices, people often use their personal social media to communicate in the workplace, so the dilemma of different options like Facebook, Twitter and LinkedIn, presents challenges in terms of securing these social correspondences.
Experts report there are more than 400 social networks with one million more users, putting pressure on enterprise to open up corporate communication to allow for greater employee collaboration. But they need to tread carefully. The recent security breach of business social media LinkedIn, in which more than 60 percent of hashed passwords accessed by hackers from the database were posted online, highlights the cause for concern.
Beyond hacks, social media is vulnerable in other ways, since the tools originally promised to widen connections and deepen conversation are often used to avoid these activities altogether. In a place where a premium is placed on the personal connection, businesses need to make sure social media is used to project the desired image and is employed to enhance, rather than simply replace the relationship.
Despite the concerns, businesses are gravitating to social media, especially as a favored marketing conduit. But beyond one-on-one conversation and broadening customer reach, businesses and institutions beyond the Fortune 500 are implementing social networking to promote and revive their businesses in less expected ways. In some cases, social media is being used to replace old modes of communication, truncating lag times and speeding up responsiveness.
For example, British clothier Burberry is now embracing social networking to connect the supply chain, drive sales and build the brand. The company has received millions of hits on its Art of the Trench social networking site, where consumers can connect, post pictures and start the conversation about their own timeless trench coat. In this way, consumers have a platform to communicate directly to suppliers, and inform design decisions that are likely to pay off.
So far, Burberry has seen a 21 percent increase to their bottom line by stressing the connection between customer and supplier. Other institutions like the State University of New York are joining in with their Smart Track system featuring social media to help students understand the realities of financial aid and lend transparency about real college costs, financial aid accumulated by today’s college student.
SUNY’s program features a central online hub to act as a one-stop resource for borrowers and financial aid experts will host online chats via Facebook, Twitter, and other social media to answer questions and offer advice to students and families they move through the financial aid process.
Facebook, Twitter and other social media are, of course, services offered by outside parties, which bear the brunt of the responsibility in securing them. Considering how much everyday users as well as business clients use them, the realization is disconcerting. But security is just the first of many concerns in social media — the dawning awareness of social media’s enormous predictive potential and allure to advertisers and governmental organizations is a little unsettling to some privacy-conscious users.
The complexity and reach of social media is also presenting a legal gray area as well, with everyday people fighting in divorce as well and probate and estate courts over who gets social media assets when a couple splits or when someone dies.
Individual users may be able to learn from businesses’ ability to safeguard social media, but the enterprise could take a page from the wider population’s experience in developing a legal framework for the innovation. And, as the value of social media connections continues to rise in the workplace, corresponding employment laws will need to evolve to discuss them.
These three factors — and the enterprise’s greater dependence on a mobile workforce — will push the security envelope as well as IT departments, who are both looking and offering clues on how to proceed as they craft a useful roadmap with promising, but still challenging, mobile technology.
