The Mobile Threat

May 21, 2012
Staying secure in the ‘bring your own device’ world of IT security

Companies across all industries are fighting to secure their proprietary and confidential data behind firewalls and complex passwords; unfortunately, the reality is that some data is most likely still slipping through the cracks. The introduction of employee-owned devices and the consumerization of the modern workplace presents a new data loss threat that organizations must address and combat.

The consumerization of corporate IT and the advent of powerful mobile devices has forced many organizations to adopt the “bring your own (mobile) device” (BYOD) approach as an alternative IT-provisioning option instead of corporate-issued computers. Consequently, the organization’s IT security department has much less operational control over the BYOD mobile devices used by their employees.

Mobile computing devices like smartphones, tablets, netbooks and laptops have more diversified threat profiles due to several factors. As mobile devices are mostly used outside of protected office networks, conventional perimeter-based security components cannot be used to monitor and control their communications. Also, by virtue of their physical mobility, smartphones, PDAs and laptops can be lost or stolen more easily. As a result, the data stored on lost or stolen mobile devices can be immediately accessible to whoever finds the device.

For mobile devices that run mobile operating systems like Google’s Android or Apple’s iOS, there are some other issues that broaden their threat profile. First, average users of Android and iOS-based mobile devices tend to install more third-party applications than those of Windows-based computers. The more third-party apps used on a mobile device, the more chances that one of them is malicious or has security vulnerabilities due to poor design, resulting in easy hacking and data loss.

Additionally, data leaks can be initiated by users with malicious intent who copy sensitive information from their PCs to flash memory, cameras and all other types of portable storage. To successfully withstand and fight these new threats, organizations should purposely redesign their IT security solutions in a way to cover use scenarios and threat vectors inherent to the BYOD computing and communications context. While these threats can elude conventional network security solutions and native Windows controls, a complimentary end-point data leak protection (DLP) technology can help enforce data protection policies.

Plugging the Leak
DLP starts with contextual control to block or allow data flows by recognizing the user, the data types, the interface, the device or network protocol, the flow direction, the state of encryption, the date and time, etc. Some scenarios call for a deeper level of awareness than context alone can provide; for example, when the data being handled contains personally identifiable information, when the input/output channel is conventionally open and uncontrolled, and when the users involved have situations or backgrounds considered high risk.

Aside from removable media, data leaks can also occur from user e-mails, instant messaging, web forms, cloud-based storage, Wi-Fi, Bluetooth or VoIP sessions. With DLP controls, security administrators can gain greater peace of mind by passing data flows that fall into any of these categories through an additional content analysis and filtering step before allowing the data transfer to complete.

As DLP technology continues to advance, organizations are able to better understand the effectiveness of content-aware DLP components as well as the context DLP controls across all of the layers and channels of the computer. When considering the deployment of endpoint DLP solutions, organizations should make certain that the controls of the solutions they’re evaluating cover all possible data leak scenarios presented by this new BYOD threat profile.

Vince Schiavo is CEO of DeviceLock (www.devicelock.com).