All the latest UK technology news, reviews and analysis

Keep corporate data off smartphones and tablets, caution security experts

25 Sep 2012
Samsung Galaxy Nexus vs iPhone 4S

Firms looking to roll out bring your own device (BYOD) schemes should never be tempted to let staff store corporate information on their personal devices, according to security experts speaking at the V3 Security Summit on Tuesday.

The rush to use tablets and smartphones for work purposes has led to many organisations being forced to take a stand on the issue, and decide whether to let employees use their own devices to access corporate applications, provide them with a device directly or the funds to buy an authorised one.

However, this brings new security challenges to IT departments over managing the influx of mobile devices accessing the network, and the best approach to take to information access.

According to Richard Mardling, strategic business director at identity management specialist AurionPro SENA, whatever approach firms take, allowing business data to be stored on a personal device is never a sensible option.

“I’d be uncomfortable about people storing corporate information on personal devices because you don’t have control over the personal device,” he said, during the V3 Security Summit session on eliminating the security risk from BYOD.

“The only way you can do that is to start to put applications onto that device to control it or get the employee to sign up to quite stringent acceptable use policies, which they might not want to do as it’s their personal device, it’s not the property of the organisation.”

Mardling advised firms to instead look for ways to store, manage and control information accessible via the device within the network, rather than on the device itself.

Andy Bushby, technology director for Information Security at Oracle, said that allowing staff to store client or other sensitive data on their own devices would have implications around the Data Protection Act and new European privacy legislation coming up.

“That in reality means encryption, so you’re going to start encrypting at least a part of someone’s device,” he said.

“And then there’s questions around how do I make sure they’ve wiped that when they leave, and has the user given me the right to do that. If you store information on a personal device, it makes it a more complicated process if they leave or the device is lost or stolen, than storing the data in the infrastructure.

"It’s best to have a security platform that means if someone leaves, they’re turned off for every device and application, and so have no access to sensitive information.”

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Madeline Bennett

Madeline Bennett is editor of V3 and The INQUIRER. Previously, she was editor of IT Week. Prior to becoming a journalist, Madeline was an English teacher at a London secondary school. Madeline is a regular technology commentator on TV and radio, including Sky, BBC and CNN. 

View Madeline's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

Green IT poll

How important is it to your business that a cloud provider uses renewable energy like solar or wind to power their data centres?

Popular Threads

Powered by Disqus
Galaxy S5 vs Nexus 5 head to head review front

Galaxy S5 vs Nexus 5 video review

We compare Samsung and Google's top devices

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

iOS Developer

My client is looking for an iOS Developer based near...

Project Manager

Montash have been engaged by a large financial organisation...

SAP APO Consultant

SAP APO Consultant Location: Amsterdam, NL Rate: €700...

SAP Supply Chain Management Consultant

Location: Amsterdam Rate: 600-700 Euros Duration...
To send to more than one email address, simply separate each address with a comma.