Beware smartphone data leakage, Marshal warns

The increasing use of Blackberry, iPhone and other smartphone devices in the enterprise could put corporate data at risk, content security vendor Marshal warns.

According to Marshal’s Asia-Pacific Vice President, Jeremy Hulse, companies need to govern the use of smartphones, which enable a greater number of people to access company data from anywhere.

While notebook computers have enabled similar data mobility in the past, Hulse expects the burgeoning smartphone culture to introduce new risks to enterprise security.

“You don’t really pull a notebook out as much as a smartphone,” he noted. “The risk is pulling a smartphone out with friends at a bar, leaving it around, or losing it in a public place.”

Highlighting the importance of financial and strategic data to a corporation, Hulse said businesses should pay more attention to defining and protecting their critical information.

“The level of risk [posed by smartphones] depends on the type of information that people are pushing down to mobile devices, and the locations they are accessing this information from,” he told iTnews.

“They [businesses] have to ask themselves, ‘Do people need to access corporate information on mobile devices?’”

Market pervasion and a diminutive size have contributed to the fact that mobile phones and PDAs currently are far more commonly lost, or left behind, than notebook computers.

According to a recent survey by privacy vendor Credant technologies, a total of 62000 mobile devices have been left in London cabs during the past six months.

While personal data and identity fraud has been the main worry of lost mobile devices in the past, Hulse expects corporate data loss soon to steal the spotlight.

“It’s only a matter of time, especially with the amount of storage available in new devices,” he said.

Besides instilling a corporate culture of greater care when accessing company data on a smartphone, Hulse suggests the use of technologies such as content filtering, hardware and software locks.

While he could not identify manufacturers of mobile devices that offer particularly good or bad security, Hulse noted that some vendors have collaborated with Microsoft to install technology that wipes clean a devices’ memory in case of loss or theft.

Other vendors offer software that provides a standard operating environment across mobile devices and enterprise desktop computers, which could enable organisations to monitor and filter the transfer of sensitive data.

Noting that smartphone technology could benefit employees’ productivity, Hulse said security should not be seen as a barrier to mobility, but an enabler to maximise the benefit from mobile technology investments.

“I think smartphones can actually be really productive, but I think they need to be looked at in terms of security,” he told iTnews.

“The capability [for increased productivity] is there, but training for staff needs to be there too,” he said.