|
|
|
|
|
Results Of iPhone Security Readiness Poll Point To Lack Of Preparedness
Published Apr 15, 2010
|
DeviceLock, Inc., a worldwide leader in endpoint data leak prevention software solutions, announced the results of its iPhone security readiness poll, which found few respondents taking action to combat the threat posed by the increased use of iPhones in the workplace. In the seven months of data collection, over 1000 responses were posted to the survey question, “Have you taken any steps to secure your business against the security threat posed by iPhones?" Resembling the distribution of DeviceLock’s user base, the geographic plot of the responses was predictably spread around the world; about two-thirds came from North America and Western Europe with the other one-third originating in Eastern Europe, the Middle East and Asia Pacific regions. Less than 40% of all respondents answered affirmatively to the survey's question; and, willingness to admit that the iPhone threat is a “back-burner issue” appears to be especially prevalent in Western World regions like North America and Western Europe, where only about 25% of respondents answered ‘Yes’ to the question. This tendency was not seen in the one-third sample coming from regions to the East. Viewed as a whole, Eastern Europe, Middle East and Asia Pacific regions registered close to a 60% ‘Yes’ response to the question.
“While this website-administered poll has inherent limitations, the results do suggest that the iPhone threat to data security is being generally underestimated,” said Alexei Lesnikh, Business Development Manager at DeviceLock. “Given the iPhone platform’s consumer popularity and robust development community, its launch into the workplace is inevitable”.
“The variation in how the well-developed IT markets of the West view the iPhone threat versus the emerging IT markets of the East may be because Enterprise IT planners in the West are relying on the already-entrenched vendors, such as RIM and Microsoft, to ‘have their backs’ and not introduce such a device without the necessary security hooks in place for device-related policy enforcement and encryption,” suggests Alexei Lesnikh. “However, the Apple iPhone development community has less to lose, and may get there first. Meanwhile, IT planners in the emerging markets are, by virtue of economic necessity and down-sized expectations, already closer to the ‘convergence dream’ of doing everything they might otherwise do with a laptop with a phone, so they are just quicker to recognize the strength of the iPhone as a corporate contender. We’re encouraging DeviceLock customers and prospects around the world to take precautions with regard to iPhones in the workplace,” he explains.
As with previous waves of convenient devices that infiltrated the workplace—from CD-ROMs, to personal printers, to thumb drives—the iPhone offers gains in flexibility and productivity, along with greater risk of disastrous data leaks from corporate endpoint computers. History has proven that the best strategy for enterprise IT teams is to set clear policies with regard to new devices and to tool-up to enforce them. The particular risk with mobile communications devices like the iPhone is that an employee can run a local synchronization for data transfer, completely bypassing the corporate network and any network-based security solutions. With DeviceLock in place, IT security organizations can impose a “least privilege” mobile device policy that limits data exchanges to only specific iPhones and to only the types of data required for exercising an employee’s business duties.
Featuring a patent-pending local synchronization filtering technology, DeviceLock gives security administrators the ability to centrally control which types of data specified users or their groups are allowed to synchronize between corporate computers and locally connected iPhones and iPods. DeviceLock also can recognize and filter numerous data object types for iTunes® protocols, thus empowering administrators to selectively allow or block synchronization of files, emails, email attachments and accounts, contacts, tasks, notes, calendar items, bookmarks, and various media types.
DeviceLock provides scalable, centralized, and easy-to-learn management and administration via a customized Microsoft Management Console (MMC) snap-in that natively integrates with Group Policy Object Editor in Microsoft Active Directory. DeviceLock agents can be deployed, managed and administered completely from within an existing Microsoft Active Directory domain. A separate component, the DeviceLock Enterprise Server (DLES), is available for centrally auto-collecting audit and shadow data from protected endpoints. Highly-granular event logging and data shadowing configurations are supported for tracking and analyzing user actions on peripheral ports/devices, related system events and data transferred to peripheral devices. In addition, DLES can monitor remote DeviceLock-managed computers in real-time to check on agent status and policy template consistency. DeviceLock’s comprehensive mix of configurable policy parameters and options facilitates the definition and enforcement of a “least privilege” corporate IT security policy. With DeviceLock, IT security administrators are equipped to logically profile the business role of every employee, group or department with regard to their use of local PC ports and peripheral devices, keeping each to the minimal set of operations required to perform their role. This reduces the overall risk of data leaks and helps organizations to better comply with applicable IT security regulations and industry standards.
For more information:
Alexei Lesnykh
DeviceLock, Inc.
Business Developer Manager
M: +31-645-770-562
E: alexei@devicelock.com
Posted by
VMD - [Virtual Marketing Department]
|
|
|
