Overall, the exploding use of smart mobile devices and the business productivity that accompanies this trend is a wonderful thing. However, it has many CIOs and IT administrators reeling. They are constantly asking themselves, “Do I really know where our sensitive data is and is it safe?”
This concern is not unfounded. Plenty of their critical corporate data is likely going places never even imagined – in a bar or coffee shop, wandering the streets, maybe even into the hands of a stranger. Wherever employees are toting their smartphones and tablets, chances are they are also carrying sensitive information.
The answer, however, is not to prevent the use of these new and innovative mobile devices. Instead, a new goal has to be made: securing information no matter where it goes.
Therefore, what enterprises must do is extend their mobile security strategies – which hopefully already take mobile device management and endpoint security into account – to include encryption policies. By thus securing data itself, the risk of losing sensitive information can be greatly reduced.Imagine for a moment an attacker has gotten their hands on an employee's smartphone. By either guessing a too-simple screen-lock password or using software to crack it, this miscreant now has unfettered access to the employee's email and all the sensitive information therein. However, if encryption had been employed, the messages in the employee's inbox would have remained inaccessible.
In short, it has grown impossible for organizations to know everywhere their potentially sensitive data will go.