Backlog
5
ways to protect public sector data
W
hen considering a public sector employee, if their device is lost or stolen, it could put very sensitive data at risk. Organisations should be prepared to ensure this information is safeguarded, especially when accessible remotely. Arthur Dell, Director, Technical Sales and Services, Middle East, Africa and Turkey, Citrix, outlines five ways public bodies can boost productivity while mitigtating these risks. Be clear about roles and ownership Who in the organisation will own enterprise mobility? Mobility continues to be addressed through an ad hoc approach, often by a committee overseeing IT functions from infrastructure and networking to apps. Given the strategic role of mobility, and the complex matrix of user and IT requirements to be addressed, it’s crucial to clearly define the organisational structure, roles and processes around mobility. People should understand who is responsible for mobility and how they will manage it holistically across different IT functions. Mobile device management (MDM) is critical MDM enables organisations to manage and control mobile devices used to access resources. Before a device corporate-owned or personally-owned 94
NOVEMBER 2015
– accesses the public sector network, it must be verified that it hasn’t been jailbroken or otherwise compromised. Encryption, remote lock and wipe, mobile virtual private network, app blacklists and the ability to selectively disable native device capabilities all enable this. Avoid the ‘quadruple bypass’ The quadruple bypass represents the worst-case scenario for enterprise mobility: a BYOD user on a consumergrade device using sensitive public data and going directly to the cloud for sharing, storage or editing. This approach completely bypasses the control and visibility of IT - and it’s alarmingly common in today’s organisations. There are good reasons for this, of course. Cloud apps can help people save time and get their work done more easily, and they can also drive value for the organisation. The problem comes when cloud apps are used in the wrong way with sensitive data, compromising security and compliance.
Prepare for the Internet of Things Organisations shouldn’t just write policies for today – they must keep in mind what enterprise mobility will look like in the coming years. Wearable technologies like smart watches
continue to change the way people use mobility. The public sector should be prepared for employees exploring how they could be used for work. These consumer items will reach the office. It’s just a matter of time. It may be sooner rather than later for some countries. The GCC has declared that Dubai is to be the smartest city in the world by 2017. Since the vision is heavily influenced by the IoT, enterprises in the region must be all the more mindful when drafting policies.
Protect sensitive data above all else Finally, in many organisations, IT doesn’t always know where the most sensitive data resides, and so ends up treating all data with the same top level of protection - an inefficient and costly approach to security. Mobility provides an opportunity for the public sector to protect data more selectively based on a classification model that meets their organisational and security needs – keeping sensitive data confidential, without unnecessary controls for publicly available information. Providing adequate mobility at work is critical for the public sector to perform its duties but it must protect its data while doing so. This is an opportunity for the public sector to empower a more dynamic and flexible workforce, while safeguarding its data and – crucially keeping costs down. . www.cnmeonline.com