The cybersecurity environment is becoming more convoluted and diverse as mobile devices, cloud computing and next-generation applications make their way into the workplace. Mobility in particular is introducing a lot of controversy and confusion, as most employees believe data security is not their responsibility. This lack of accountability is causing IT professionals to worry about how employees use their mobile devices, including the applications that are deployed on those platforms.
Bring your own device is also invoking a new sense of cybersecurity concern in the enterprise, primarily because these programs allow people to use personal smartphones and tablets for work-related purposes. If those endpoints are not properly maintained, however, they can invite new vulnerabilities into the network.
These issues, among others, were brought to light in a recent Absolute Software survey of 750 American adults about their use of mobile devices in the workplace. Not surprisingly, approximately 25 percent of respondents said they should not be penalized for losing or leaking company data because cybersecurity is not their responsibility. Interestingly, most of the 75 percent of individuals who said there should be some sort of punishment for these actions downplayed the incidents and the respective disciplines, indicating that many people do not think mobile security issues are a big concern.
"If firms don't set clear policies that reflect the priority of corporate data security, they can't expect employees to make it a priority on their own," said Tim Williams, mobile enterprise data expert and director of product management at Absolute Software.
The uninhibited growth of mobile applications in particular is causing issues, which should encourage companies to start from the ground up and build better software security programs.
Software security is a must
If enterprise executives are worried that the ongoing use of mobile devices and applications in the office will create unwanted cybersecurity challenges, they should consider taking a step back and only allowing individuals to use specific solutions in the workplace. These software products can be built and launched in-house, meaning developers can take the time to carry out robust code review and analysis procedures to guarantee that the end products are resilient and secure enough for work-related purposes.
If developers keep application design simple and straightforward, they will likely be able to produce solutions that are less vulnerable to outside attack in the long run. This is becoming increasingly important as individuals use the same mobile devices in and outside of the office, meaning endpoints are not necessarily being protected by the network at all times.
As the mobile environment matures, BYOD and other initiatives will undoubtedly become more common, especially as individuals develop the need to work remotely without losing access to sensitive data needed for mission-critical operations. By taking software security into their own hands, corporate executives and developers may be able to reduce some of the risk associated with the unrestrained growth of mobility without putting too much pressure on non-technical employees.