On November 1st, my colleagues and I attended a symposium at the University of Salford about mobility and device management. While talking with other attendees, we naturally turned to the numerous election scandals in the US, mainly because UKIP haven’t been in the spotlight for a few days.
One of the more relevant speeches about this trend was by Professor Steven Furnell of Plymouth University. He elaborated on the topic of device security for organisations as well as for the implications of ‘Bring Your Own Device’ for the individual. Even if a company provides a device, inevitably there will be some personal data of the employee on it. Essentially, there are two levels of ownership on mobile devices: ownership of data and ownership of the device itself.
As I type this on my work laptop, I realise how much personal information I have stored on it. I cannot post on our company’s LinkedIn page without logging into my own profile, I have made business purchases with my credit card and have watched my share of funny cat videos. In other words, an experienced hacker could surely glean enough information about me just on those three counts. How much information can they access if they hacked into my work email via my phone?
A moment of personal insight came when he showed the audience a picture of a Nokia 3210. My first mobile phone! For the time, it was great. However, it had low connectivity, limited data storage capabilities and a lonely snake trying not to get tangled up while chasing a pixel. Unfortunately, most of us think of the data on our smartphone in the same way as we did in the 90s. We have complex passwords for our personal computers but very few of us use the biometric lock or even a password on our phone. We disregard the high levels of information on our phones. This is the same for many organisations. This is the same for Hillary Clinton! And this is why data and device policies are necessary along with user education and technical safeguards.
In today’s evolving culture of mobile working, we need to know about data encryption, malware, ransomware and spyware, even as a user in the marketing department. It’s not something that we ought to deal with every day, but it should influence our decision on which devices to use and which applications are best for the security of our organisations.
Later in the day my colleague, Gemma Walford, gave a talk about the cultural shift to mobile working and her personal experiences. Digitalisation, work efficiency and security go hand in hand in this new culture. As technology evolves, so will we but we also have to make the effort to understand the positive and negative aspects of the technology we use to keep our data safe and accessible.
However there is another truth for app, system and software developers. When Convene was developed, we realised that security is thought of as IT department's problem. Yet the IT department is not always in charge of purchasing new software. So why not develop something that seamlessly integrated security into the user experience? Convene does just that and we are constantly evolving.
Still feel like you are in the dark about mobile working? Read more about it here.
Not convinced that mobile security and device management is a priority? Here is some scary information from Ernst and Young’s Security Survey: