Approaching Security and Privacy in Mobile-Empowered Businesses in Australia

By Goran Bogunovic posted 10-25-2014 12:34


Over the last few years, mass adoption of mobile devices at workplace has become one of the most dominant trends in Australian businesses. Considering the turbulent adoption rates in both personal and business settings, it is unsurprising that organizations saw both internal and external pressure for adopting mobile devices.

Mobile devices in Australian businesses

Mobile innovation is by no means an infant trend in Australian businesses. According to recent surveys, most Australian professionals feel unable to do their jobs without either personal or company-owned smartphones and tablets. Namely, as suggested by Forester Research’s Forrsights Global Workforce Benchmark Survey Q4 2013, the number of Australian employees that feel this way counts 56%. Furthermore, Telsyte research found that 84% of organizations surveyed have set the stage for implementation of mobile policies by providing ICT and processes for mobile workers.

Certainly, mobility can lead to substantial simplification of critical processes, especially in the domain of CRM, HR and similar areas. However, businesses should approach this trend strategically, primarily because of possible issues related to security and privacy.

BYOA and emerging security and privacy issues

As highlighted in the abovementioned Telsyte research, one issue that emerged parallel with mobile device adoption growth is employees’ increased use of personal applications for corporate file management. Whereas almost one third of businesses put no restrictions to mobile applications use, such behavior can contribute to creating a form of a shadow IT, which is especially important for enterprise ecosystem.

Quite expectedly, too many privacy and security risks could arise from inability to control corporate data flow. Coupled with the perceived instability of popular cloud storage applications such as Dropbox and Box, BYOA (Bring Your Own Application) threatens to slow down mobile innovation in Australian businesses.

Earlier this year, the Office of the Australian Information Commissioner also expressed concerns with respect to this issue. Namely, they looked at 53 popular free iOS apps, particularly focusing on apps produced by or on behalf of Australian businesses or Australian Government agencies only to find out that almost 70% of apps commonly used by employees fail to outline privacy policy or terms and conditions prior to download.

Therefore, a strategic approach to privacy and security management is highly necessary for smooth implementation of mobile policies in future.

Key focuses in managing mobile device adoption

To ensure minimum security and privacy risks, organizations need to develop strategies that include the following three levels.

-          Mobile device management, for device registration and configuration, data provisioning and security policies (i.e. device feature enablement, authorizations and restrictions).

-          Mobile applications management, identifying sets of apps that are mandatory, those that are allowed and those that are considered unnecessary.

-          Content management, introducing regulations about corporate data access and transmission to ensure low-risk behavior.

Depending on whether they support BYOD or COPE (Company Owned Personally Enabled), organizations should consider how to adjust these strategies to their own processes. Small and medium-sized businesses, for example, may be unable to invest too much time and money in deploying advanced security and privacy management systems. However, in Australia they are a market segment that heavily relies on mobile and cloud business strategies, which is why they too need to set this as a focus.

Finally, it is important that both enterprises and SMBs find a proper balance between exploiting the potential of mobile devices and managing related risks. Certainly, no modern business should ignore this form of technology innovation and this is why mobile devices justifiably need to see the light of day in Australian businesses. Yet, however easy it may appear to implement mobile policies, some space needs to be left for considering possible challenges. 

#mobile #InformationGovernance #Security #cloud #privacy