Information loss happens in a variety of ways.
This can be through cyber theft, unintentional action exposing sensitive data, loss of a device, and a host of other ways. Many organizations find it hard to consider that there is sensitive information within the company that is of value to others and beyond that perhaps targeted by outsiders and or insiders.
Since the organization rarely considers its “information assets” there is no strategy in place to monitor and mange the exchange of company information. Not until such time that there is a crisis do many organizations stop and think, “how did this happen”?
The growing acceptance of a “bring your own device to work” is increasing organizational susceptibility to information loss. iPads, iPhones, Androids, all are welcome. Compounding the issue is allowing the end user of the device to install whatever apps they might choose. All apps are not created the same nor appear to be what they are at all times.
Malicious applications, improperly coded apps that contain vulnerabilities, and applications granted permissions on install to sensitive data stores by unknowable users, are all considerable avenues for data loss.
When data losses occur how does the organization know? If a personal device is lost that contains sensitive information, how is the organization notified? Are they? How is the data secured, retrieved, or wiped?
Its too late when business owners face ex-employess who become competitors, or sensitive communications wind up in the hands of competitors, or data losses lead to legal and or PR nightmares.
Clearly any organization that moves forward with BYOD or any mobile strategy without a clear cut plan that is supported by the necessary tools, process and procedures is broadening its potential for data loss.
Bring your own device to work, install your own apps, that’s crazy!