Risks of Extending Document Management to Mobile
So it turns out, it isn't just the phone that needs to be smart. To say that mobile devices can cause security breaches is somewhat unfair. It's a bit like saying a car can cause a traffic accident.
In either case, when an event occurs, it is usually because somebody did, or didn't do, something that was required of them to prevent the event. Whether that was failing to stop at a stop sign, or failing to put a passcode on a smart phone, most events result from some shortcoming in the human interaction with technology, not solely the technology itself.
"Extending the document management system to mobile devices presents a set of risks that any businesses must weigh up"
In other words—don’t just blame the tools.
You need only glance up from your smart phone on your walk to the office to see everyone else, well, glancing down at their smartphone. Today's workforce is a mobile one. We want and often need access to critical information wherever, whenever, or however, we are working.
Of course we need to be careful. Extending the document management system to mobile devices presents a set of risks that any businesses must weigh up. An organization must balance and in some cases off-set those risks against the potential benefits gained, available compensating controls, and the organization's risk tolerance.
By applying risk management processes and the appropriate controls, companies can arm their workforce with mobile tools that enable productivity anywhere and manage risk to an acceptable level. In analysing the risks, companies must identify what can and cannot be done with their data, and set policies to enforce these behaviors.
And of course then there are technical solutions, such as mobile device management (MDM) platforms which can then be implemented to enforce the firm's policies, such as requiring encryption and application sandboxing, which minimize the risk of a breach when an event does occur. The technology is available, it is relatively straightforward and, most important of all - it works.
When a person is learning to drive, we don't simply hand them the keys to the shiny new car and say "good luck." More challenging, but much more effective at preventing a data breach, is preventing worrisome events from occurring in the first place. Appropriate training and awareness are the tools to effectively manage the human element of risk.
Similarly, companies must invest in training for the employees 'driving' this new technology to ensure they are best equipped to prevent an 'accident,' and knowledgeable about what to do should one unfortunately occur. A trained user population operating with technical safeguards in place creates an environment where companies can safely extend data to mobile devices while effectively managing against the risk of a data breach. That way, we can sit more comfortably in the driver seat and, securely, perhaps even take in the view.
Technology in Legal Industry, a Far Fledged Dream
Knowledge Management - A Pragmatic View
Create Constant Growth for QA Professionals (or Perish)
Current Market Trends Shaping The Knowledge Management Space
By Chris Tjotjos, VP, Cisco Solutions Practice, Black Box...
By Laura Jackson, Sr. Manager-Risk Management, ABS Consulting
By Jason Cradit, VP of Information Systems, Willbros Group
By Steve Garske, Ph.D., Senior Vice President & Chief...
By Roman Trakhtenberg, CEO, Luxoft
By Renee P Wynn, CIO, NASA
By Mike Morris, CIO, Legends
By Louis Carr, Jr., CIO, Clark County
By Andrew Macaulay, CTO, Topgolf Entertainment Group
By Dominic Casserley, President and Deputy CEO, Willis...
By Dave Nelson, SVP-Portfolio Lead, Avanade, Inc.
By Michael Cross, SVP & CIO, CommScope Holding Company Inc.
By Pauly Comtois, VP DevOps, Hearst Business Media
By Dan Adam, CIO, Extreme Networks
By Matt Schlabig, CIO, Worthington Industries
By David Tamayo, CIO, DCS Corporation
By Scott Cardenas, CIO, City and County of Denver
By Marc Kermisch, VP & CIO, Red Wing Shoe Co.
By Brian Drozdowicz, VP, Digital Services, Siemens...
By Les Ottolenghi, EVP and CIO, Caesars Entertainment