![Jon Moger[1]](https://internationalbanker.com/wp-content/uploads/2016/07/Jon-Moger1.jpg)
By Jon Moger, Senior Director EMEA Marketing at Aruba, a Hewlett Packard Enterprise company
The finance sector has a data-security problem, but it goes beyond external threats from hackers—this is a threat from within. Jon Moger explains what this threat is, and how your business can combat it.
Take a short stroll around your office, and you’d expect each desk to be a near mirror-image of the last. Your employees tapping furiously on their keyboards with their eyes glued to their monitors. A breakfast bowl pushed to one side, holding the hardened remains of this morning’s cereal. A selection of papers loosely piled up in a corner. And sitting discreetly amongst it all, a small device that can connect to the company’s networks, share information and track locations all with the tap of a button.
For most businesses, the smartphone has become just a standard piece of office furniture. In fact, more than a third of businesses don’t have a basic mobile-security policy in place at all.
This is all quite extraordinary, given the fact that an alarming four out of every ten finance organisations surveyed by Aruba, a Hewlett Packard Enterprise company, as part of a recent study admitted to having lost data through the misuse of a mobile device.
In the hands of your employees, the smartphone is the source of an unwitting, non-malicious threat to company security.
#GenMobile
The vast majority of today’s employees have become used to a world in which mobile devices are an integral part of everyday life, and they recognise the benefits they can bring to their working day. Aruba calls this new generation of people #GenMobile.
Whilst this asset is very desirable in an employee, it can also prove to be a threat to financial organisations that rely on tight control of data security. The finance sector is in agreement that digital-savvy workers pose a major global threat to the success of the banking and finance industry.
The problem
To identify the true nature of this new type of employee, Aruba surveyed 11,500 workers in 23 countries, asking them detailed questions about their work, their approach to data, and their take on corporate and personal security in a technological landscape dominated by mobile devices.
Now, #GenMobile have shown that using smartphones for a wide array of tasks is second nature for them. They are using the same device to instantaneously share status updates about their life and to access their company’s emails containing confidential information.
What does that mean from a security point of view? The study highlighted that the sharing of data is a big concern; 60 percent of respondents reported to being happy to let others use their work mobile devices at least once a month, while a fifth don’t have passwords on their mobile devices at all, in part to make sharing easier.
The study found that 56 percent of #GenMobile will disobey their managers to complete a task—while three-quarters are happy to take IT (information technology) issues into their own hands without getting in touch with their IT departments.
While 51 percent of #GenMobile believe that mobile technologies enable them to be more productive and engaged at work, it appears this fervent need to get things done also creates a lack of regard for data security.
You won’t be surprised that security only limps into the top five of office tech concerns for #GenMobile.
Five tips to turn a threat into a safe bet
So what can the banking industry do? Lock down all mobile devices? Implement a highly restrictive password policy?
Despite the obvious impact on data security, there have been a number of benefits of the smartphone era to the overall health of the finance sector. #GenMobile bring big-thinking creativity, better collaboration and new ways of doing things; priceless in an era when consumer behaviour is changing at an incredible speed.
Mobility in the workplace is rapidly becoming the norm. As the new #GenMobile employees look to increase productivity through the use of multiple devices, they will also raise the risk of data leakage. Solving this conundrum requires a cross-functional approach across human resources, security and IT teams—to define a clear policy, put in place the appropriate technology to manage the policy and ensure there is a clear employee communication plan.
So how can your organisation protect itself from the seismic and often irreparable impact of a security breach whilst continuing to nurture this creativity? Here are five suggestions on ways your organisation can prepare for #GenMobile:
So how can your organisation protect itself from the seismic and often irreparable impact of a security breach whilst continuing to nurture this creativity? Here are five suggestions on ways your organisation can prepare for #GenMobile:
- Make sure you have an up-to-date mobility policy covering roles, devices, applications, locations, data types and other contextual attributes.
- Create enforcement rules that extend from applications to devices across the network.
- Make sure your security measures and policies map back to your organisation’s business objectives.
- Training is vital; all staff should have needs-assessed training to help them understand why policies are in place and how they can help.
- Take heed of feedback—it may improve your IT workflows and performance.