In
today’s world businesses rely on computers to achieve that competitive edge
over their competitors. By one click of a button information travels across the
entire world in seconds and sensitive information is forwarded via mobile
devices by employees while travelling.
Physical Security is of utmost important to
protect the data from falling into the wrong hands (theft, eavesdropping and
malware) causing
severe reputational damage or even bankruptcy of the company. Since
organisations have allowed the BYOD concept employees must take considerable
care when using their devices outside of the environment of the company will
performing company responsibilities to prevent unauthorized
access to or disclosure of the information stored on or accessed by the device
eg. Sensitive information and email should be encrypted and the decryption key
should be entered manually, establish secure log in via VPN and enabling secure
wipe of the device if lost/stolen. Company policies and procedures should be
established to address the physical protection of mobile device and information
stored on such devices. User awareness training should be conducted on mobility
protection as users can be the first point of failure or first line of defence.
A defence in depth would be the best approach combining technology, policy,
processes, users and training.
Operations Security enables
the organisation to view an
operation/activity from the perspective of a hacker or competitor. In hand with
Risk Assessments it develops protection mechanisms to safeguard information
stored on mobile devices. To implement and effective Operations Security Plan,
Security Officers should have an understanding of the threats that could affect
breaches of mobile devices. Operations Security is the development of cost-effective security countermeasures
(encryption) by identifying threats, analysing and controlling of critical
information eg. Credit card numbers, customer information, medical information
and passwords.
In
a nutshell, by allowing mobile devices into the business environment
organisations are faced with more risks than before but with proper physical
security mechanisms risks can be mitigated.
Regardless of where your entity sits, data must be protected. Investing in security may not remove the possibility of a data breach. Consider turn to one of the top virtual data room provider.
ReplyDeleteThe company will performing company responsibilities to prevent unauthorized access to or disclosure of the information stored on or accessed by the device eg. Sensitive information and email should be encrypted and the decryption.
ReplyDeletevirtual employee
User awareness training should be conducted on mobility protection as users can be the first point of failure or first line of defence. A defence in depth would be the best approach combining technology, policy, processes, users and training.
ReplyDeleteoutsourced equity research