Tag Archives: mobile data security

Enhancing Your Company’s Mobile Security in Ten Steps

Mobile-centric workforces are a present reality, and, more and more, a way of the future. They enable your employees to be anywhere and everywhere, which also means that your company’s precious and sensitive data is moving with them also. So, how to prevent against the threat of data loss from internal sources, both by accident and maliciously? Here are ten easy steps you can take:

  1. Use a lock screen and biometrics technology

Pretty simple stuff but it is very surprising how few companies, particularly SMBs, insist that this procedure is followed by their employees. Preferably employees will have both smartphones and laptops that come with built-in biometrics technology that can identify them through retina or fingerprint verification.

  1. Create a BYOD policy

You may or may not provide employees with devices. If you don’t, it’s important to create a BYOD (bring your own device) policy, where employees follow a procedure on their own devices to bring them up to speed with company security policy. Mobile device management platforms are a great way of implementing these. These procedures should also give you the ability to wipe their phone data remotely in an emergency situation.

  1. Purchase unlimited data contracts

This might not always be possible with budget constraints, but it is the most effective way of preventing employees connecting to unsecured Wi-Fi networks when they are in public places.

  1. Encrypt, encrypt, encrypt

The more you can encrypt the better to prevent ‘leaky’ code or to help prevent data being revealed if it is leaked by accident. File-level encryption protects data on a file-by-file basis, and key and certificate management is also highly important to protect.

  1. Strengthen passwords

Many employees still use old and unsafe passwords, merely because they’ve never been reminded to update them. As part of company policy, ensure that all passwords have to be of a certain strength and changed on a regular basis. This will help against the threat of data loss protection, not only from a mobile security standpoint, but also within the office.

  1. Testing

Ideally comprehensive testing will be included in the network security firm who puts together your mobile security package, but you should also be testing yourself to find any cracks. Upon initial implementation, encourage employees to ‘break the system’ with unclassified information. When the people who will be using the mobile systems are able to get around the technology at the very beginning, it’s likely to happen again and therefore needs to be fixed.

  1. Device protection

More relevant for SMBs with BYOD policies, ensure that the devices used are not jailbroken or a rooted device. This removes the in-built security measures that come with smartphones, which are fairly sophisticated and help to complement your company’s own security policies.

  1. Mobile app choice

When downloading any app on a phone, for both personal and professional use, it’s important that employees don’t download apps that could compromise data protection. Ensure that employees view the download of apps the same way that they view downloading foreign files, or opening spam emails – with caution.

  1. Inform your employees

Further to this, it’s helpful to inform your employees what potential threats could look like. While these are technically external threats, you can reduce the internal threat of employees clicking on harmful phishing links by educating them that these could come from banks, tax departments, the Board of Directors, and what to do if they’re unsure.

  1. Update the technology

Software updates for laptops and mobile devices generally include a large number of security patches and updates. Ensure that you and your employees are as protected as you can be by updating as soon as the notification comes through.

Many employees don’t have any intention of leaking a company’s sensitive information, they are just totally unaware of how they are inadvertently doing it. Creating a workplace where employees are taught to view mobile security as an important part of their job, whether it’s disconnecting from public Wi-Fi areas, or strengthening passwords, it helps to educate and empower them to start taking mobile security into their own hands. This, combined with mobile device management platforms that help to protect against internal loss that occurs intentionally, will ensure that your company has a solid mobile security policy.

Growing Workplace Collaboration Necessitates Mobile DLP

According to Fliplet, by end of 2016, there will be more than 1.3 billion workers globally using mobile devices at the workplace. Sales of mobile devices will touch 3 billion by 2017. The stereotype work culture of commuting to the office or working from one fixed desktop will be a thing of the past. Abundant use of smart phones by mobile workforce will result in increased productivity of work – a six weeks’ worth equivalent to almost 240 more hours per employee annually.

Similarly, bring-your-own-device (BYOD), is being given proper recognition in all small and big enterprises. As BYOD has been consistently fueling mobility, this growing trend of “consumerization of IT” has increased productivity and reduced costs. This is because employees can now access corporate emails, messages, text, work-related communication over their own personal device, enabling them to be virtually anywhere while still being productive. Customer responsiveness has increased and newer engagement models are emerging that are enabling mobile devices to be used as sales tools.

But the question is “How Secure is Mobile Collaboration?” Are we implementing enough measures for Mobile DLP? How can corporates be assured that the threat of data loss over mobile devices has been mitigated?

Data loss prevention (DLP) solutions help address these challenges in a mobile environment just as they would in a workstation environment. The comprehensive approach of mobile DLP solutions makes them ideal because:

Mobile DLP allows prevention of data leakage and safeguards unencrypted information

Users send and receive email from corporate and personal accounts, upload information to cloud services and send files to social networking sites. According to industry reports, the majority of data loss is generated by well-meaning insiders using standard information-sharing tools (email, Web upload, etc.) since the information is not sent in an encrypted format through mobile devices. A mobile DLP solution acts as a gatekeeper to control confidential information from compromised and unauthorized access by routing the traffic through a corporate virtual private network (VPN) server.

Mobile DLP allows access restriction for applications

Information access privileges are usually 100 percent for each mobile device user. A mobile DLP solution can help enforce a restriction on usage of select applications by blacklisting them or exceptionally allowing some applications to users by whitelisting them based on user business requirements and approvals.

Mobile DLP allows protection of real-time data and FSS

A Gartner study reported that most data loss from mobile devices occurs through emails, multiple third-party apps allowing data exchange and Internet tools for file sharing and synchronization (FSS). Mobile DLP solutions offer data routing and information scanning through corporate VPN to ensure no confidential information leaves the corporate network.

Mobile DLP allows monitoring of chat (messages and voice)

Mobile devices connected to the corporate network can be monitored for voice chat activities through control of HTTP/HTTPS and can also log all outgoing text as well as multimedia messages to prevent data leakage.

Mobile DLP solutions act like control centers for sensitive data, user profiles and device information. With careful definition of these three areas, they can offer lots of security and business flexibility—a perfect combination for mobile devices.

Adopting a Unique Security Approach through Zecurion Mobile DLP Solution

The Zecurion Mobile DLP provides a unique security approach to prevent data leakage from a device in or outside a corporate network. Zecurion Mobile DLP helps protect the organization from accidental and deliberate data leakage. It acts like a traffic controller and routes all data flow to the network DLP (i.e., Zgate) for analysis and action. This includes analysis and protection of sensitive data sent from email clients, Web browsers and applications such as Facebook, Twitter, Dropbox, etc. In the event of an incident, the user is notified of the violation of security policies.

Zecurion Mobile DLP Security Model

Zecurion Mobile DLP offers an end-to-end solution to ensure data traveling between smart devices is fully protected from the start to end points. The Zecurion security model has two key elements:

  1. Data Protection

It segregates personal data from corporate data and ensures personal data is protected from monitoring and corporate data is protected from leakage or loss.

  1. Securing Network Access

It ensures data that travels in the network is secure, based on analysis of the content of the messages and file sharing on Google Talk, Yahoo Mail, etc. It also keeps tab on the information uploaded to cloud services, covering all information flow on HTTP/HTTPS.

How Zecurion Mobile DLP Works

Zecurion Mobile DLP works in conjunction with mobile solutions to configure and manage VPN. It also relies on a DLP server deployed in the corporate network and, in conjunction with a Web proxy, analyzes all outgoing network traffic, including SSL-encrypted content.

Benefits of Zecurion Mobile DLPZecurion Mobile DLP Benefits

Zecurion Achieves Worldwide Silver Partner Status in the Samsung Enterprise Alliance Program

New York, September 23, 2015 — Zecurion, a leading developer of data loss prevention solutions, announced it has achieved silver partner status in the Samsung Enterprise Alliance Program (SEAP) enabling Zecurion to deliver mobile solutions aimed at preventing leaks of confidential data through Samsung Android.

The partnership with Samsung enabmles Zecurion to provide complete monitoring of corporate information on employees’ mobile devices efficiently and cost effectively, thereby preventing data leaks at various stages of information processing, storage, and transfer.

SEAP is an affiliate program of Samsung and supports companies in the use of Samsung products and solutions. Besides support for global marketing and distribution activities, Samsung offers technical support and expertise to its partners to enable development of differentiated mobile solutions that meet customer demands

With the silver partner status, Zecurion now has access to the extended library of the Enterprise SDK from Samsung.

Zecurion Mobile DLP finds copies of confidential documents on users’ mobile devices and blocks their transfer via unsecured open networks. All traffic is channeled through a protected corporate network. In the event of theft or loss, the device can be blocked by a security officer.

MHA NG (Mobile Hybrid Analysis Next Generation) is used to detect confidential documents on Android devices. A new version of MHA uses six different technologies for identifying confidential data, including MorphoLogic, a search by dictionary, templates and frequent expressions. The plan for the future is to add support for DocuPrints and SmartID. MNH NG is already correctly identifying over 100 different file types as well as encrypted documents.

For more information about Zecurion DLP Mobile, please call +1 866 581-0999.

About Samsung Enterprise Alliance Program (SEAP)

Samsung Enterprise Alliance Program (SEAP) is designed to provide differentiated benefits to partners according to their various needs. The goal of SEAP is to enable partners in creating new revenue opportunities in the enterprise mobile business with Samsung products and solutions. Additional information is available at visit: http://www.samsungmobileb2b.com.