Addressing Mobile Data Security (Part 1)
Security and the Rising Cost of Data Breaches
The cost of data breaches has continued to climb in recent years. In its 2013 annual survey on the cost of data breaches, the Ponemon Institute reported that the cost of a data breach has once again increased year-over-year. For organizations whose data breaches resulted from a malicious attack, the cost of the breach per compromised record was actually higher than if the breach had occurred due to a system failure or unintentional human factor.
Given the increase in targeted data security attacks over the last two years, the cost of these breaches is likely to continue on this growth trajectory. In addition to the risk from motivated, technologically sophisticated adversaries, organizations must also cope with the challenges of increased enterprise mobility. As the Bring Your Own Device (BYOD) trend continues to grow, organizations have an increasingly difficult time managing the security of proprietary data as it travels across various untrusted networks to reach non-corporate-issued devices, over which they have little control.
Mobile Device and Mobile Application Management (MDM/MAM) solutions can help to address some of these issues, but leave some gaps. For example, MDM solutions can mandate a security compliance profile for all devices accessing proprietary data. Although the MDM profile can provide basic device-level management, it does little to protect data on the device from undetected malware or the mishandling of data on the device at the application level.
Furthermore, MDM makes no distinction between personal and business data. This deficit can compromise personal privacy or result in the loss of personal information if the MDM administrator wipes the device.
MAM solutions by definition address app-level security issues. However, the two standard MAM approaches, containerization and SDK, both require at least rebuilding the mobile application, if not significant re-engineering, to integrate the security and management features deep into the application.
With the lighter-weight MDM approach, IT administrators lose visibility and control of their data once it is actually on the device. End-users are then free to use the data on the device in whatever way is most convenient for them, even if it makes security problems worse. For example, IT administrators have reported an end-user phenomenon of using insecure cloud services such as personal web mail and data storage services as a convenient way to transfer data. These unsanctioned data handling practices potentially expose the organization to data loss or breach. A preferable approach to handling data would enable logical segregation of personal and business data on the device, while protecting the business data from theft, tampering, and unauthorized disclosure.
In this post, we have explored the challenges organizations and IT security professionals face with the pressure for increasing levels of mobility in the enterprise. In part 2 of this series, we will examine how adding a solution that provides application-level strong cryptography for data both in motion and at rest can help to strengthen the security posture today’s MDM/MAM solutions provide.
To learn more about how Sencha solutions can help to address mobile data security challenges, please visit: http://www.sencha.com/space.