Manila, Philippines - Enterprises are encouraged to come up with policies and invest in technology solutions to prevent data breaches amid increasing use of mobile devices, an official of content security solutions provider Trend Micro said.
Myla Pilao, director for core technology marketing at Trend Micro, said in an interview the need to come up with policies and invest in technology solutions for data protection comes as most of the risks on data security have to do with the increasing use of mobile devices by employees.
“I think these have to be considered by enterprises now. At one point, one would have a desktop and mobile devices so it is important for organizations and IT (information technology) practitioners to understand what needs to be part of the inventory, because we cannot prevent people from bringing their devices,” she said.
She said mobile devices such as cellular phones, laptops and tablets are being used by employees to store sensitive and confidential information and used to connect to the organization’s network which could bring risks to data security since these are also being used outside of the workplace.
Often, she said, the data breaches are brought about by risky practices of employees.
She cited a study conducted by the Ponemon Institute and sponsored by Trend Micro published earlier this year based on a survey of 709 IT practitioners in the US which found 10 risky practices employees routinely engage in.
The 10 risky practices of employees found by the study: are connecting devices to the Internet through an insecure connection; not deleting information on their computer when no longer necessary; sharing passwords with others; reusing the same password and username on different websites; using generic USB (universal serial bus) drives not encrypted by other means; leaving computers unattended when outside the workplace; losing a USB drive possibly containing confidential data and not immediately notifying their organization; working on a laptop when traveling and not using a privacy screen; carrying unnecessary sensitive information on a laptop when traveling; and using personally owned mobile devices that connect to their network’s organization.
The risks mentioned in the study, she said, are the same risks Philippine businesses face today given the people’s appetite for connectivity.
She said coming up with policies and putting in place technology solutions for data protection could help enterprises avoid data breaches within the company.
Having a policy which would involve employees registering their devices to the organization and putting in place a technology solution for data protection, she said, could allow the firm to see the devices connecting to the network and to easily track where threats to the network are coming from.
Some solutions, she said, could also allow a firm to delete classified data in lost mobile devices as long as the devices are registered in the organization’s network.
She said that while most companies which invest in technology solutions on data protection are the bigger firms, small and medium enterprises (SMEs) need to consider taking that action as well since they are exposed to the same risks.
“The only glaring variance between the SMEs and MNCs (multinational corporations) is the SMEs are more easy victims when it comes to low level attacks. She cited opening an attachment even if it comes from an unknown sender or clicking a link just because it is interesting.”
She said the big push for SMEs to invest in technology solutions for data protection would come from their employees who use the internet everyday by checking their e-mails and social network accounts.
Nowadays, she said, employees would spend more time on their social network accounts than checking their e-mail which makes technology solutions even more important since social network accounts are easy areas to proliferate cyber attacks.
She also said there are technology solutions available for SMEs nowadays which are affordable.