Are Your Employees Keeping Company Data Safe?
The short answer is likely, no.
The mobile office has established its home in the global workforce. Statistics from Global Workplace Analytics estimate that 25 million workers telecommute at least 1 day a month. While percentages of the American workforce may seem small, the growth percentage is impressive: Teleworkers (not including self-employed workers) telecommuting increased 79.7% from 2005 to 2012.
How does mobile work affect your company?
Your employees likely have access to sensitive data, whether company- or client-specific. And nearly every month, we see reports of reputable companies losing sensitive information at the hands of employees. Most major companies have established protocols in place for accessing this information; but how can you know if it’s kept safe?
Even if you have stringent security measures in place for company data, you also have to consider what devices your employees use for access. Is your data only accessible on company-issued laptops? What about personal smartphones or tablets? And what security measures are in place on those personal devices?
What are the challenges?
Common challenges are loss, theft or insufficient security measures on mobile devices. Increasingly, with Wi-Fi locations at almost every corner, are you certain that your company data is secure over any network? The 2015 NTT Group Global Threat Intelligence Report acknowledges that “cybercriminals are often globally organized, well-funded, skilled, and easily outnumber security staffers at most organizations.
Further, the challenge is multi-faceted because of:
- The burden of learning new technologies
- Increasing costs with hard-to-factor ROI
- A worldwide shortage of skilled security engineers and professionals
- Inconsistent user experiences across the variety of products needed
- Incompatible or poor integration between the hierarchy of products”
How can we protect data?
We know that the influx of mobile devices puts more pressure on company IT departments to secure company data and access to sensitive data. To mitigate this pressure, ensure that you enforce multifactor authentication in your systems and provide additional applications to secure any data being carried, not just accessed, by the employee remotely.
Also, Forrester Research recommends the following steps that enterprise organizations should take to protect mobile certificates:
- Establish common policy across applications and desktops, laptops, tablets, and phones
- Identify all sources of certificates
- Map all found certificates to a single user and establish a baseline
- Enforce policy for all mobile certificates
- Detect anomalies like duplicate certificates or unrevoked certificates for terminated employees
- Respond quickly to anomalies with kill-switch-like revocation
- Prepare to quickly remediate when incidents like Heartbleed occur that require all certificates to be rekeyed, reissued, and revoked
(Source: Forrester Research – IT Security’s Responsibility: Protecting Mobile Certificates)
A new unique security solution
You have options when it comes to protecting your enterprise data.
The patented PerSysTek™ RecordVault technology uses a cost effective, software-based three-factor authentication (3FA) method; fulfilling the standard requirement of possessing something you “have, know and are” to offer maximum security.
This technology is scalable, meets federal cryptographic security standards, and is ePHI and HIPAA compliant.
How RecordVault is different
The difference is that the RecordVault Passcode is not sent to you over the network. Each mobile device computes a one-time code and submits it to the authentication server for comparison. The code and resultant RecordVault Key that unlock your files are not stored in the device or the server. They are dynamically computed with patented time-synchronized algorithms and cannot be reproduced. All data is additionally encrypted and memory remnants are cleaned keeping your environment safe.
If you have more questions about your mobile data being protected, contact us at rickw@persystek.com and we will respond within 24 hours.
photo credit: Aplicativo do Senado para dispositivos móveis via photopin (license)