Cybersecurity and the mobile workforce
How do you mitigate the security risks that come with increased mobility?
Employees today are working on multiple devices from multiple locations — and more mobility means more risk. As the primary drivers of end-user computing initiatives in most organisations — according to our recent Mobile Workforce Report — CIOs are left to face the daunting task of allowing users remote access to sensitive data from just about anywhere in the world, on any network and device, while protecting that data on an end point they often have little or no control over.
Nowadays the perimeter of your network could, literally, be anywhere. I believe CIOs need to look at new ways of protecting their assets and people wherever they may be.
What do people want from mobility?
This is the first thing to get to grips with — because mobility is often not what IT was expecting to deliver. And when you have mobile workers accessing thousands of new end points, you have to identify the gaps between your different technology towers.
This wave of mobility is being driven by real business needs, such as better digital experiences for customers or increased employee productivity. These initiatives traverse organisations, so it’s often difficult to address end-user computing in isolation. A broad strategy is required that encapsulates all facets.
It’s critical to have a roadmap and a holistic framework for end-user computing. But most organisations fall short because they don’t always have the right team to lead a strategy. To succeed, CIOs must be able to map out a strategy for both the short and long term: sourcing the right team and embracing the right technology.
So what to do?
A crisp policy framework is a good first step, I believe. This can be simple but it must be clear. For example, you can govern the access to applications by device, software, or even geographical region — restricting access when exposed in high-risk networks. However it’s important to communicate these policies transparently as end-users will only adopt them if they understand why they’re in place.
If the end user is the new end point in terms of cybersecurity, then engagement with the end user should be the logical starting point in any end-user computing strategy. It’s a good idea to listen closely to what the end user requires in order to complete their work tasks and find out what applications they enjoy using, and those that make their life simpler.