Security in the Age of Mobility

Posted by

Sep 3, 2015 5:03:02 PM

Google Logo
Security in the Age of Mobility

Enterprise mobility has no doubt been a significantly transformative trend, but like any major change in corporate operations, the advantages and positive opportunities are accompanied by a range of demands and threats. Change management has been a common challenge among organizations in virtually every industry, while only the fastest and most agile firms have been able to survive and thrive in these perpetually shifting market landscapes. 

When a company deploys a mobility strategy, it can be viewed as a pressure test for their data and system management strategies, notably from a security standpoint, as smartphones and tablets remain as liabilities. Especially when a firm is covered by regulatory compliance statutes and stringent security standards, these initiatives cannot be handled in a flippant or otherwise unplanned fashion, but rather dictated by strong policies that are the products of extensive internal and external research. 

With the help of managed service providers, small businesses have been aggressively embracing BYOD and other mobility strategies to ensure that their workforce is prepared to function in the modern era. Looking forward, security will need to be one of the more prominent fixtures in these contracts and partnerships, and MSPs have indeed begun to position their services in such a way that keeps mobility protection at the forefront of the agreements. 

If you would like an explanation of the mobility security concerns that are pressing entities the most today, check out this MIT Technology Review video of Kevin Mahaffey speaking on the topic:

Mobility is becoming a more central aspect of corporate IT strategies and general business processes as the years progress, and small-business owners will need to be vigilant in their approaches to deployments and management as a result. Plenty of lessons have been made available to learn from in this discussion, as so many organizations have already gone through some of the more trying aspects of strategic creation and execution. 

In health care
One of the best places to look at wins and failures in the mobility security arena is the health care sector, where providers have had to quickly adopt these technologies while maintaining compliance with federal compliance statutes that are increasingly difficult to balance. Writing for mHealthIntelligence, Vera Gruessner recently explained some of the takeaways listed by the Journal of AHIMA regarding the best practices of handling data management and security demands in mobile-enabled medical environments.

Now, while small-business owners who are not governed by stringent regulatory compliance statutes might think that adhering to these best practices might be overkill, this is simply not the case. Should entrepreneurs successfully follow in the footsteps of medical firms that have indeed deployed and optimized BYOD strategies without taking on increased security risk, they will be far better protected against the damages associated with breach. 

Mobility security might be the biggest question mark in health care. Mobility security might be the biggest question mark in health care.

According to the news provider, the comprehensive management of finances, policies, users, technologies and processes will be critical to maintaining compliance and protection following the deployment of a mobility program in health care. When pieces are left out or the entity struggles to unify the management frameworks, the chances that a breach will occur will be inherently higher, and this can be avoided with the right approach to strategy. 

"In the context of litigation, IG (information governance) must encompass the means to deal with litigation that is either in process or reasonably anticipated when the duty to preserve relevant information arises," the Journal of AHIMA's Ron Hedges explained, according to the source. "IG is important in this context, as a healthcare provider cannot preserve anything appropriately unless the provider knows what information they have, where the information is, and how to preserve the information correctly. All of these things are necessary for effective IG as it relates to legal considerations for a provider."

At the end of the day, mobility will often be unwieldy at first, and can complicate matters for small businesses that have not yet overhauled and modernized their data management strategies. Again, though, the right managed service provider can help to reduce the strain that would otherwise be placed on technology workers from the point of deployment to the end of device, application and system life cycles. 

"Companies that fall behind will struggle to catch up."

No slowing down
Unfortunately, companies that fall behind in their mobile initiatives will likely have a significant problem when trying to catch up to the trends and transformations taking place within smartphone and tablet manufacturing markets, application development and beyond. Like so many other trends facing the private and public sectors today, mobility has not remained still for even a moment, but rather continues to evolve rapidly thanks to healthy demand from corporate and consumer entities. 

TechTarget recently argued that information governance's greatest challenge might indeed be attached to mobile data management, and that leaders in the IT department must act accordingly to ensure the integrity of their strategies in the coming years. The news provider cited some of the comments of Fairview Health Services vice president and chief information security officer Barry Chaplin regarding the challenges involved in securing mobile frameworks. 

"There is a lot in security that's conceptually simple, but the operational, the boots-on-the-ground stuff is very complex," Caplin told the source. "We can't just slap on a solution because if it doesn't mesh with how people work day to day, then it's not going to work."

According to the news provider, organizations might be able to get a bit of a jump on these responsibilities through the implementation of more targeted and tailored data usage policies, with a specific focus on monitoring activity related to mobile information access. Additionally, TechTarget pointed out that antiquated, traditional data management strategies will simply not fly today, nor tomorrow, as more advanced challenges are ubiquitous throughout industries. 

It has become clear that many small businesses will need significant support in their creation and execution of sound, productive and secure mobile strategies, and MSPs should be tapped when ever leaders are doubting their internal ability to get the job done. 

Topics: Business Communications