Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Keeping data safe in an always-on world

Sanjay Rohatgi, Senior Vice President, Asia Pacific and Japan, Symantec | Jan. 5, 2016
Sanjay Rohatgi of Symantec shares what companies should do to better protect themselves and their customers' sensitive data from security threats in today's evolving landscape.

This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.

One of the greatest advantages of a mobile-enabled workforce is no doubt the employee's ability to always be connected. Unfortunately, this also expands risk. While employees previously left their data at work, they are now traveling the world with access to corporate data anywhere, anytime.

In the former single-phone corporate environment, mobile devices were relatively straightforward to manage and secure as they had limited or no access to corporate data.  As the popularity of smartphones exploded in the last five years, IT departments have learnt to deal with the trend of "Bring Your Own Device". But today, it is no longer just about the device, but also about "Bring Your Own Application" and "Bring Your Own Cloud" into the workplace.

Mobile applications and cloud services are increasingly embedded into all parts of our personal lives. Organisations are finding that their employees increasingly want to use their own apps, clouds, personal mobile devices and platforms to work (often alongside corporate-provided devices/platforms). And they can't be stopped. Employers need to embrace the use of mobile devices and cloud storage tools, such as Dropbox and Google Drive, for both work and personal agendas, or risk losing their talent.

In today's complex and rapidly changing threat environment, information security professionals are facing increasing number of security breaches than ever before -- in 2014, our report found that more than 317 million new pieces of malware created last year, and five out of six large companies were attacked. Another trend observed this year was the increase in security threats in small and medium-sized organisations. About 60 percent of all targeted attacks struck small and medium sized organisations globally, since these organisations often have fewer resources to invest in security. Many are still not adopting basic best practices like blocking executable files and screensaver email attachments. According to Funding Societies, in Singapore alone, 99 percent of companies are small and medium-sized organisations, which puts them at great risk for security attacks.

With personal devices and cloud applications now being used to access corporate email, calendars, applications and data; many organisations are struggling with how to fully define the impact to their security posture and establish acceptable procedures and support models that balance both their employees' needs and their security concerns. Companies are managing up to 75 point products, resulting in too many alerts and false positives to deal with. Most attacks go undetected because today's security products are not integrated across all three control points: endpoint, network, email. 

So, what can companies do to better protect themselves and their customers' sensitive data from security threats? 

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.