In the past fortnight GCHQ have issued advice to businesses, in their 10 steps to Cyber Security document, to consider a ban of bringing your own device into the workplace (BYOD). They consider staff to represent the “weakest link in the security chain” and believe they pose a big threat to the (intentional or unintentional) leak of data within an organisation through the use of BYOD.
Boldon James CEO, Martin Sugden released his comment to the recent advice stating:
“We absolutely agree that employees are a big risk for organisations; for the simple reason that people are human and we all make mistakes.
It’s good to see that acknowledged, as organisations often focus too much on protecting their perimeters from hostile Threat, whilst ignoring the security risks presented by their own staff.
However we don’t agree that businesses need to strip staff of access or mobile devices and therefore lose out on the huge benefits that the latest mobile technologies can bring in terms of productivity, collaboration, and flexibility.
As long as security travels with your data, you can control who has access to what, on which device and in what location. Properly applied, data classification and data loss prevention tools will prevent sensitive data being available on mobile devices, or accessible from inappropriate insecure locations and can prevent malicious misuse of data.”
Tools such as Boldon James Classifier allow user-driven data classification strategies to be implemented easily and cost effectively across an organisation, enforces data-centric security and ensures that staff are considering the sensitivity of the data they are creating and sharing. In turn, this means user awareness of data governance practices increases and enterprise mobility can be embraced without the need to put a blanket ban on employee-owned mobile devices.
So with Data Classification, it is possible to ensure that your employees become your strongest link, not the weakest, in your security chain. To find our more download our latest whitepaper: The First Step to Protecting Unstructured Data.