Risks of Extending Document Management to Mobile
CIOReview
CIOREVIEW >> Enterprise Content Management >>

Risks of Extending Document Management to Mobile

Dan Surowiec, Global Director-Technology, Baker & McKenzie
Dan Surowiec, Global Director-Technology, Baker & McKenzie

Dan Surowiec, Global Director-Technology, Baker & McKenzie

So it turns out, it isn't just the phone that needs to be smart. To say that mobile devices can cause security breaches is somewhat unfair. It's a bit like saying a car can cause a traffic accident.

In either case, when an event occurs, it is usually because somebody did, or didn't do, something that was required of them to prevent the event.  Whether that was failing to stop at a stop sign, or failing to put a passcode on a smart phone, most events result from some shortcoming in the human interaction with technology, not solely the technology itself.

"Extending the document management system to mobile devices presents a set of risks that any businesses must weigh up"

In other words—don’t just blame the tools.

You need only glance up from your smart phone on your walk to the office to see everyone else, well, glancing down at their smartphone. Today's workforce is a mobile one. We want and often need access to critical information wherever, whenever, or however, we are working.

Of course we need to be careful. Extending the document management system to mobile devices presents a set of risks that any businesses must weigh up.  An organization must balance and in some cases off-set those risks against the potential benefits gained, available compensating controls, and the organization's risk tolerance.

By applying risk management processes and the appropriate controls, companies can arm their workforce with mobile tools that enable productivity anywhere and manage risk to an acceptable level.  In analysing the risks, companies must identify what can and cannot be done with their data, and set policies to enforce these behaviors.

And of course then there are technical solutions, such as mobile device management (MDM) platforms which can then be implemented to enforce the firm's policies, such as requiring encryption and application sandboxing, which minimize the risk of a breach when an event does occur. The technology is available, it is relatively straightforward and, most important of all - it works.

When a person is learning to drive, we don't simply hand them the keys to the shiny new car and say "good luck." More challenging, but much more effective at preventing a data breach, is preventing worrisome events from occurring in the first place. Appropriate training and awareness are the tools to effectively manage the human element of risk.

Similarly, companies must invest in training for the employees 'driving' this new technology to ensure they are best equipped to prevent an 'accident,' and knowledgeable about what to do should one unfortunately occur. A trained user population operating with technical safeguards in place creates an environment where companies can safely extend data to mobile devices while effectively managing against the risk of a data breach. That way, we can sit more comfortably in the driver seat and, securely, perhaps even take in the view.

Read Also

International Expansion In Apost-Pandemic World

International Expansion In Apost-Pandemic World

Pearl Mathew, Director, Fintech Corporate Banking at Standard Chartered Bank
Intelligence-Led Investigations And Better Information Sharing Hold The Promise Of Improving The Disruption Of Financial Crime

Intelligence-Led Investigations And Better Information Sharing Hold...

Lora von Ploetz, Head of Global Financial Crime Unit, Commerzbank AG
How Dutch Bros Coffee embedded culture into its mobile app

How Dutch Bros Coffee embedded culture into its mobile app

John Graham, Chief Marketing Officer, Dutch Bros
The Calculus of Cyber in the Context of Enterprise Risk

The Calculus of Cyber in the Context of Enterprise Risk

Seema Sewell, Director of Cyber Assurance and Architecture, Maricopa County Lester Godsey, CISO, Maricopa County