go about it, rigorous app testing is a must if you're serious about
mobile security in your workplace.
TURN BYOD INTO BYOS
The kinds of heavy-handed, one-sided security measures that
worked in traditional computing will not work for mobile.
Because of the immense amount of private information we store
on our phones (let's face it, our phones usually know us better
than our spouses), employees are highly resistant to the kind 'Big
Brother' scale management and monitoring that would be needed
to truly control how your employees use their devices at work.
The good news is that there are steps you can take to pro-
tect your business by proactively assuming a defensive posture.
This means building security from the ground up by turning
your employees from potential security risks to your first line of
defense—educating them on how to transform a bring-your-own-
device environment into a bring-your-own-security workplace.
You employees need to know what their apps are really
doing. How are they storing information? What organizations
are they communicating with? Is the data being they send being
encrypted? They must also learn to follow basic mobile security
procedures, such as implementing passcodes, and being wary
of using unsecured wi-fi hotspots.
Similarly, you need visibility. Do you know if your employee
just uploaded a bunch of data to Dropbox? Do you know which
apps are sending your data in cleartext to servers in other coun-
tries? Do you know which of your employees are running out
of date operating systems, vulnerable or outdated apps that are
susceptible to the latest exploits? You should, and your employ-
ees should know these things as well.
SMARTER RISK MITIGATION
Mobile devices using the right apps can be a productivity
booster for your enterprise, and maintaining a workplace
where your employees feel comfortable using their personal
devices is part of doing business in the 21st century. But you
need to be aware of the security risks involved, and make sure
you and your employees are taking the right steps to address
them. What worked in traditional networked computer envi-
ronments of the past won't work for mobile—BYOD requires
smarter risk mitigation.
Andrew Hoog is the CEO of NowSecure, which provides mobile
security solutions, debunks common security assumptions and
creates smarter technology to ensure private information remains
private and not exposed to unnecessary risks.
www.fueloilnews.com | FUEL OIL NEWS | SEPTEMBER 2015 33
BUSINESS OPERATIONS
l F O N