Are you doing enough to secure your organization against the myriad threats facing it in the mobile realm? According to BlackBerry research conducted earlier this year, the answer is “probably not.” We surveyed 1,000 IT executives from seven countries across industries that included financial services, government, and healthcare – and the results are concerning, to say the least.
What we found was that while 73% of organizations have a mobile security strategy in place, a paltry three percent have implemented the highest levels of security possible. This is due in part to user attitude – 82% of executives say their existing mobile security practices cause frustration among their employees, while 44% fear that too much security will prevent staff from doing their jobs.
These attitudes have led to a dangerous atmosphere, one in which nearly nine out of 10 executives (86%) are nervous that their company’s security won’t be enough to keep out hackers or malware. Half of executives further predict that their employees’ mobile devices will inevitably result in security breaches at their organization. And no one is sure how to address this challenge, whether on corporate-owned or BYOD devices – despite half of respondents agreeing that support of BYOD creates risks at their company.
What can be done about this volatile climate? How can executives push towards stronger security practices without winding up stonewalled by the end user? According to BlackBerry Chief Security Officer David Kleidermacher, it all starts with changing the general perception of security as a roadblock to productivity.
“We have heard many of our customers say that security policies can be perceived as a hindrance,” says Kleidermacher. “However, senior executives in every function, and even in the boardroom, need to forcefully communicate that effective mobile security enhances productivity instead of obstructing it.”
When properly implemented, security works with the employee, rather than against them. It connects them with ease to whatever resources they require, while at the same time working seamlessly with the tools they’re comfortable using. It focuses on meeting the needs of the end user – on making them more productive – alongside the needs of IT.
To achieve such an implementation, an active approach is key, Kleidermacher explains. BYOD should serve as a particular point of interest, along with the implementation of a Security Incident Response Team to both mitigate the damage a breach can cause and reduce the chances of said breach occurring in the first place. Unfortunately, that’s often easier said than done – without pre-existing expertise, it can be difficult to keep up.
“[We recognize] that security is a dynamic field, and even the best defensive strategies and technologies today may be inadequate tomorrow,” Kleidermacher continues. “Therefore, the optimal strategy is one that secures the mobile enterprise while boosting convenience and productivity, and can then be adapted to combat new vulnerabilities as they arise.”
That’s why BlackBerry has developed a comprehensive, third-party SIRT program, complete with incident response management services and a best practices assessment. In addition to helping you dispel the myths surrounding security and convenience, we’ll assist you in implementing risk-management functions both rapidly and cost-effectively.
A strong mobile security posture has significant benefits, of that there can be no doubt. It’s implementing such a posture that proves challenging, particularly in the face of inaccurate end-user preconceptions. Dispelling these preconceptions is key, as is regular evaluation of the controls and policies you’ve put in place to protect your organization against the threats it faces – both within and without.
And we’ll assist you every step of the way.