infoTECH Feature

October 28, 2015

Balancing Security and Mobility in the Age of the Data Breach

A Dilbert strip featuring Mordac, the Preventer of Information Services, once declared that “In a perfect world, no one would be able to use anything.”  A recent study from Gemalto (News - Alert) showed users may be facing the same problem as IT departments are under increasing fire to improve security, even while trying to improve mobile access, especially for remote workers.

The Gemalto study, the 2015 Global Authentication and Identity Access Management Index, showed that 92 percent of IT departments worldwide restrict users from accessing corporate data from mobile devices. Ninety-five percent of IT departments are having trouble giving users necessary access remotely, and security concerns are the biggest problem. Just to top it off, 94 percent believe that the organization will be breached as a result of credential theft.

If that sounds like paranoia, it's actually a well-founded concern.  The average organization employee has around two mobile endpoints and three sets of credentials to manage. Throw in the idea that 20 percent of IT support tickets stem from lost or forgotten usernames and passwords, and IT may have cause for concern.

But IT isn't taking this lightly. Eighty-six percent of IT departments look to bring in two-factor authentication for cloud application access. Plus, 38 percent of users are already putting it to work, and over the next two years, that will rise to just over half at 51 percent. Fifty-seven percent put two-factor authentication to work in external access, and 92 percent of respondents had at least one application—from Web portals to virtual private networks (VPNs)—protected by this tool.

However, with 97 percent of companies acknowledging the importance of offering mobility to employees, the issue of how best to balance mobility with security will be prevalent for many companies. No one wants to suffer a data breach. It has impact both immediate and delayed, as companies lose opportunities in a bid to repair systems, lose face with customers—along with the potential to sell to these customers later—and potentially run afoul of regulators, depending on the industry. Yet too much security can be a problem as well; like Mordac noted above, the most secure system is the one no one can use. But that kind of system also presents no opportunity for users, and represents lost potential profit. Companies need to benefit from the systems in place, and can't do that if the security is so strong no one can get in.

There are other ways to go here; instead of focusing on preventing a data breach, companies could instead focus on protecting data with encryption. Companies could turn to more biometric security; it's hard to fake a fingerprint. Many options are on hand for the astute; it's just left to see which actually come into play, and how the balance is struck between security and mobility.




Edited by Kyle Piscioniere
FOLLOW US

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers