198 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
Ways to avoid Information Governance pitfalls
Wed, Oct 5th 2016 2
Ways to avoid Information Governance pitfalls
Wed, Oct 5th 2016 8
Finding PCI and PII Data with Discovery Attender
Wed, Sep 21st 2016 2
Finding PCI and PII Data with Discovery Attender
Wed, Sep 21st 2016 5
Bring Your Own Device & Data Security
Tue, Aug 30th 2016 2
Bring Your Own Device & Data Security
Tue, Aug 30th 2016 8
Understanding the General Data Protection Regulation
Wed, Aug 24th 2016 2
Top 10
Avoiding Mishaps in eDiscovery Collections
Tue, Jan 20th 2015 8
Coming Soon for Discovery Attender, Version 3.92
Thu, Nov 5th 2015 8
Bring Your Own Device & Data Security
Tue, Aug 30th 2016 8
Ways to avoid Information Governance pitfalls
Wed, Oct 5th 2016 8
Information governance certification: AIIM vs. ARMA
Mon, Jul 7th 2014 7
Off the topic: 10 must-do fall activities
Mon, Aug 24th 2015 7
How to Survive Data Discovery in the Digital age
Mon, May 9th 2016 7
Targeting Risks in IT – 5 Things to Consider
Mon, Jul 11th 2016 7
Policies for your organization’s IG strategy. Classification, we don’t need no stinking classification.
Mon, Aug 24th 2015 5
Top 10 Horror Movies for Halloween
Thu, Oct 29th 2015 5


Bring Your Own Device & Data Security
Twitter Google+ Facebook LinkedIn Addthis Email Gmail Flipboard Reddit Tumblr WhatsApp StumbleUpon Yammer Evernote Delicious
Harvey Coblin    

With the proliferation of portable electronic devices, increasing numbers of professionals are preferring to carry their own smart phones, laptops, tablets, etc. to use for work-related purposes. Rather than transporting duplicate devices to distinguish between professional vs. personal data, employees can work where and when they please and with hardware and applications they are already familiar with.

It is estimated worldwide that one in three employees are utilizing personal devices at the workplace. While this trend may initially seem to work in the employer’s favor (why pay for a device when an employee is perfectly happy to provide their own?), it also raises troubling concerns. The company enjoys potential cost savings by not having to purchase and support the hardware, it also loses control over what data resides there. This can be of particular concern to small and medium sized businesses that don’t have an IT infrastructure equipped to handle the challenge.

Among the myriad of potential headaches are questions, such as who (other than the employee) might be able to access company data from the device when it is off-premise? And what happens to the data should the employee lose the device or simply decide to leave the company? The possibility for data breaches and information leakage undeniably expands as the workforce becomes increasingly reliant on mobile devices.

Fortunately, there are a number of steps that can be taken to achieve a secure, device-agnostic environment.

  • Conduct an Audit – it is imperative to conduct an audit of your entire IT infrastructure to determine if you are ready to accommodate workforce mobility. Implement gatekeeper software (such as a VPN) to guarantee that data transferred to and from mobile devices over your network is secure.
  • Communicate expectations for acceptable use of employee-owned devices – This includes penalties for violating policies and procedures. In the face of increased use of personal devices, many organizations are implementing “BYOD Acceptable Use” Mobile Device Management (MDM) policies aimed at defining how and when IT can access any devices that may access your business network – including the capability to revoke access or even wipe a device that has been lost or stolen – even if it means doing so without the users’ permission. The MDM policy should also provide guidelines and protocols for employees remotely accessing corporate data. Of course, by imposing rules regarding what employees can do with their own devices, companies can and should expect push-back. Employees reluctant to adhere to MDM guidelines must understand that convenience comes at a cost.

Having a diverse and dispersed hardware environment has advantages beyond convenience. While it seems counter-intuitive, a device-agnostic strategy helps alleviate the risk of malware attacks. Mobile devices may be connecting to the network, but not actually accessing applications. Distributed devices and disparate operating systems may limit the impact of attacks since each device is potentially isolated.

While there are great benefits to productivity and employee retention associated with implementing a BYOD environment, companies need to think about data protection and the potential legal risks of allowing employees to store proprietary data on personal devices. If implemented carefully and with sensitivity to the organizational culture, the benefits of a bring-your-own-device strategy can easily outweigh the risks.

The post Bring Your Own Device & Data Security appeared first on Sherpa Software.



---------------------
http://www.sherpasoftware.com/blog/bring-device-data-security/
Aug 30, 2016
9 hits



Recent Blog Posts
2
Ways to avoid Information Governance pitfalls
Wed, Oct 5th 2016 2:25p   Jeff Tujetsch
Ways to avoid Information Governance pitfalls Information Governance (IG) -It sounds like it is a very extensive process because unfortunately, it is.  There are many components to IG, with the two major players being software and people. In this article, I will try to expose possible issues that you can hopefully avoid. For those of you that have had school-age kids, you can attest to the kids succeeding more when a routine is established and followed. So why am I talking about routine? Beca
2
Finding PCI and PII Data with Discovery Attender
Wed, Sep 21st 2016 1:21p   Marta Farensbach
Various privacy laws and other data security regulations detail how private, financial, and other confidential records should be handled. These rules cover the usage and storage of data, such as credit card numbers, social security numbers, social insurance information, and health care records. As described in a previous blog article, having this Personally Identifiable information (PII) or Payment Card Industry (PCI) data loose in your system can cause all kinds trouble, ranging from fi
2
Bring Your Own Device & Data Security
Tue, Aug 30th 2016 4:25p   Harvey Coblin
With the proliferation of portable electronic devices, increasing numbers of professionals are preferring to carry their own smart phones, laptops, tablets, etc. to use for work-related purposes. Rather than transporting duplicate devices to distinguish between professional vs. personal data, employees can work where and when they please and with hardware and applications they are already familiar with. It is estimated worldwide that one in three employees are utilizing personal devices at the
2
Understanding the General Data Protection Regulation
Wed, Aug 24th 2016 1:13p   Rick Wilson
If your organization has international operations in the European Union, you should be planning for GDPR compliance now! The General Data Protection Regulation (GDPR) is set to become the overriding data protection regulation with the EU. It was adopted by the European Parliament Council and Commission in 2015, took effect in 2016 and enforcement is scheduled to begin in May of 2018. At its core, the GDPR is intended to provide citizens of the EU with greater control over their personal data
0
Targeting Risks in IT – 5 Things to Consider
Mon, Jul 11th 2016 6:04p   Marta Farensbach
Today’s compliance, litigation, and regulation-heavy business environments introduce a number of challenges for busy IT professionals. Ignoring any of these areas, as well as failing to implement a strong Information Governance (IG) platform, can introduce substantial risk into your organization. In the worst cases, data breaches, adverse judgements, or non-compliance penalties could thrust a company into the glare of national headlines. Poor policy can affect more than just the finances of a
1
FOIA reforms are on the way, are you ready?
Wed, Jun 22nd 2016 2:06p   Rick Wilson
If you are employed by a federal government agency, then you are probably well aware of FOIA, or the Freedom of Information Act. FOIA was originally signed into law during the 1960’s by then President Lyndon B. Johnson to establish a process whereby citizens can request copies of governmental records that are not published in the Federal Registry. Agencies, in turn, are required to provide this information in a timely fashion (usually 20 days). Although FOIA is a federal mandate, it has also
0
Breach of Security: Measuring the Cost of Cyber Crime
Wed, Jun 8th 2016 2:10p   Harvey Coblin
Cybercrime is an increasing threat. Estimates vary widely, but according to a recent Reuters article, “Cyber crime costs (the) global economy $445 billion a year.” Other estimates place the costs as high as $1 trillion. The reason estimates vary is due in part to the fact that cybercrime can come in many forms, ranging from denial of service, theft of credit card or other financial information  (PCI/PII), industrial espionage, all the way up the ladder to state-sponsored terroris
1
How to Survive Data Discovery in the Digital Age
Wed, May 18th 2016 12:42p   Jeff Tujetsch
eDiscovery. That one word will make IT professionals start shaking. But, as the most technologically advanced civilization in the world, why is that? Is it because of what will be found? Is it because of what they are asked to search? Or is it because of the search terms they are asked to use? Well, the answer to each question is ‘Yes’. Data Discovery has grown into a multi-billion dollar world-wide business. Though the United States might lead the way because of our litigiousness,
1
Information Governance and the Internet of Things
Wed, May 11th 2016 2:28p   Marta Farensbach
Machines talking to machines.  Once the province of science fiction, the Internet of Things is set to transform industries as visionaries incorporate its wide reach into everyday objects. On a very simple level, the Internet of Things (IoT) describes the freeing of communication from the domain of computers and smart phones by allowing all types of devices to share information across the internet.  ‘Things’ like cars, fridges, health monitors, water meters and so much more can be empower
1
WHITE PAPER: Implementing Office 365: Inherent Features and the Need for Third Party Tools
Wed, May 4th 2016 12:59p   bhat67i
In this white paper, the topic of Office 365 and complementary solutions will be discussed; insights will be offered on a business’ future migration plans and knowing the options available. One will learn:  Why Office 365 is a compelling platform, Examples of productivity integrations, About the importance of information governance integration, Supplementing with third party software Click here to download this white paper! The post WHITE PAPER: Implementing Office 365: Inherent Fea




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition