more-arw search

GAO issues report outlining mobile security

GAO Issues Report Outlining Mobile Security

Mobile devices have become incredibly popular in the consumer and enterprise worlds, as more businesses begin to see the benefits of cultivating a strong bring your own device (BYOD) policy. Several reports have revealed that corporate expenditures, both capital and operational, can be reduced by allowing employees to bring in their own technology.

However, security remains a major question among those with executive jobs, as unsecured devices can spell disaster by way of data breach and loss of corporate information. It is the responsibility of a business' decision-makers to ensure the integrity of all information technology (IT) operations, which can be mitigated through IT departments.

GAO offers advice, research on BYOD
The U.S. Government Accountability Office recently released a report to Congressional Committees that focused on the need for stronger enterprise mobility controls, as well as more consistent and effective implementation of such practices and software. According to the GAO, mobile device-targeted malware has experienced explosive growth over the last year, with variants rising 185 percent from July 2011 to May 2012, from 14,000 types to 40,000.

Not only does the agency stress the importance of enterprises securing devices used by their employees, it asserts that the federal government needs to take more ownership in passing protective legislation. Further, the report noted that the U.S. Department of Homeland Security is responsible for ensuring the security of the cyber environment.

However, for the most part, DHS is responsible for spreading awareness of the risks apparent in the current landscape, as well as providing best practices for consumers and businesses to follow. This leaves several responsibilities on the shoulders of business owners, managers and the employees themselves.

Ever-increasing breaches
Data breaches have been a major issue in recent years, no matter the computing device used, as the Identity Theft Resource Center counts roughly 300 data breaches so far this year, leading to the exposure of just under 10 million sensitive records. Of this total, 34 breaches affected government agencies, responsible for nearly 1.9 million exposed records, while enterprises accounted for 110 breaches and nearly 3.5 million exposed records.

Considering that the Ponemon Institute estimated roughly 40 percent of data breaches are the result of employee negligence, and about the same rate of corporate breaches were the result of stolen mobile devices, enterprises need to follow very strong mobile security management practices.