apacciooutlook logo

Risks of Extending Document Management to Mobile

By Dan Surowiec, Global Director-Technology, Baker & McKenzie

content-image

Dan Surowiec, Global Director-Technology, Baker & McKenzie

So it turns out, it isn't just the phone that needs to be smart. To say that mobile devices can cause security breaches is somewhat unfair. It's a bit like saying a car can cause a traffic accident.

In either case, when an event occurs, it is usually because somebody did, or didn't do, something that was required of them to prevent the event.  Whether that was failing to stop at a stop sign, or failing to put a passcode on a smart phone, most events result from some shortcoming in the human interaction with technology, not solely the technology itself.

"Extending the document management system to mobile devices presents a set of risks that any businesses must weigh up"

In other words—don’t just blame the tools.

You need only glance up from your smart phone on your walk to the office to see everyone else, well, glancing down at their smartphone. Today's workforce is a mobile one. We want and often need access to critical information wherever, whenever, or however, we are working.

Of course we need to be careful. Extending the document management system to mobile devices presents a set of risks that any businesses must weigh up.  An organization must balance and in some cases off-set those risks against the potential benefits gained, available compensating controls, and the organization's risk tolerance.

By applying risk management processes and the appropriate controls, companies can arm their workforce with mobile tools that enable productivity anywhere and manage risk to an acceptable level.  In analysing the risks, companies must identify what can and cannot be done with their data, and set policies to enforce these behaviors.

And of course then there are technical solutions, such as mobile device management (MDM) platforms which can then be implemented to enforce the firm's policies, such as requiring encryption and application sandboxing, which minimize the risk of a breach when an event does occur. The technology is available, it is relatively straightforward and, most important of all - it works.

When a person is learning to drive, we don't simply hand them the keys to the shiny new car and say "good luck." More challenging, but much more effective at preventing a data breach, is preventing worrisome events from occurring in the first place. Appropriate training and awareness are the tools to effectively manage the human element of risk.

Similarly, companies must invest in training for the employees 'driving' this new technology to ensure they are best equipped to prevent an 'accident,' and knowledgeable about what to do should one unfortunately occur. A trained user population operating with technical safeguards in place creates an environment where companies can safely extend data to mobile devices while effectively managing against the risk of a data breach. That way, we can sit more comfortably in the driver seat and, securely, perhaps even take in the view.

Magazine Current Issue

magazine current issue

Leaders Speak

Andy Nallappan, VP & CIO,

The Industry Demands Quick Upgrade into Cloud

By Andy Nallappan, VP & CIO,

Global Information Technology, Avago Technologies

Steven Weinreb, CIO & EVP, Technology & Operations, Asia, MetLife

Embracing Advanced Tech-enabled Solutions that Foster Innovation and Growth

By Steven Weinreb, CIO & EVP, Technology & Operations, Asia, MetLife

Anil Khatri,

Trends that are on Every CIO's Watch-list

By Anil Khatri,

Head IT-South Asia,

SAP

James F. Hanauer, CTO, VP Engineering and Art Saisuphaluck, Solutions Architect, R&D Lead, CTSI-Global

Simplifying Infrastructure Management with Microsoft Solutions

By James F. Hanauer, CTO, VP Engineering and Art Saisuphaluck, Solutions Architect, R&D Lead, CTSI-Global

Mickey Bradford, VP-IT/CTO, Exchange; & Jay McCartin, VP-Logistic Operations,  Army & Air Force Exchange Service

Embracing Cloud Hosting Benefits

By Mickey Bradford, VP-IT/CTO, Exchange; & Jay McCartin, VP-Logistic Operations, Army & Air Force Exchange Service