The use of laptops and wireless technologies has provided an opportunity for a new wave of innovation within organizations, offering new freedoms that are changing the way companies interact with customers, partners, and employees. People have become more adept at using mobile devices to conduct both business and personal activities, and an increasing number of workers are becoming mobile, with a growing share of the UK workforce away from their desks for a greater amount of time.
The computing power and storage available from laptops means that they can hold the same content found on desktops and back-end systems, such as word processing documents, spreadsheets, and customer information. All these can include information which, if disclosed, could damage the organization, or result in compliance failure with regulatory or legal requirements.
The protection of information on laptops is now more significant, as a result of the common, although inadvisable, practice of using mobile device storage for easy reference to critical corporate and personal information, including company and personal contact details, passwords, and bank account details.
Unfortunately, the majority of IT security tends to focus on keeping hostile parties out of data center resources, such as networks, hardware, databases, and applications. Laptops are increasingly used as client devices for enterprise computing needs, and if left without adequate protection, they form a soft underbelly of the IT infrastructure that is very vulnerable to compromise.
The protection of remote company data should be addressed, and the level of security required for different types of data determined. This should include two-factor authentication where appropriate, preventing data being stored on removable media such as USB memory sticks, and data encryption being used for information stored on laptops.
Organizations need to instigate security policies for mobile users and their devices, which include commonsense guidelines. These should include the requirement to never leave a device unattended in a public place, or in a hotel room without some kind of security, such as in a locked safe, or by securing to furniture with a cable lock. Laptops should be housed in a case that does not immediately identify the contents.
In addition, it is vital that enterprises educate their employees about the risks associated with departures from recommended policies, and the implications and cost for the whole enterprise if policies are not complied with.
Laptops are an essential part of carrying out today’s business functions, and, with so much information stored on them, it is essential that the data is secured using technologies such as strong authentication and data encryption.
Source: OpinionWire by Butler Group (www.butlergroup.com)
