Page 10 - Mobile Data Loss

          includes isolation from the operating system as well. But there are
          features in the mobile operating systems that provide ways in which data
          can be shared, and these are typically user-driven. A user can receive an
          email with an attachment in the email app, open that attachment in a
          secondary app that allows it to be edited, then open the document
          in a third app to print it over-the-air to a printer, and also upload
          it to a cloud service. Features like copy/paste, screenshot,
          email forwarding, and more exist as well. But what’s important is that
          much of this is user-driven or user-defined rather than something an
          app can perform natively.

             Another important aspect of the mobile era is that the traditional
          network edge has now become blurred. Mobile devices are ubiquitous
          and access enterprise data over the network in a variety of
          ways. Cloud services, web 2.0, data backup services, and
          multiple network services (cellular, Wi-Fi, NFC, etc.) all make
          management of this data far more challenging. No longer can we look
          at the network as a single entry point; the network edge has
          disappeared, and data now lives everywhere.

             Last, but certainly not least, is the emergence of BYOD (bring your
          own device). In the PC world, IT provided the computer preconfigured
          with security controls. But in the mobile world, people show up with
          their personal devices looking to connect them to their enterprise
          network or cloud. Even organizations with corporate-issued
          devices inevitably find that users will put them to personal use.
          In either circumstance, the user has a plethora of features by which
          they can share, forward, or upload data to and from the network. This
          has also made the end user the low-hanging fruit for attack. Because
          these mobile devices are always connected, there is a much larger
          window for compromise and exfiltration of data.



          SECRETS TO MOBILE DATA LOSS PREVENTION SUCCESS

          Mobile data loss requires a mindset adjustment to enterprise security
          that adapts to the mobile operating systems and explosion in data
          dissemination. Enterprise Mobility Management (EMM) is the
          centerpiece for accomplishing this. Apps, content, network access, and email
          deployed to the mobile device can be revoked through a selective wipe
          when a device is lost or stolen, or if the device is identified as