Data protection strategy for mobile devices

In reviewing Data Loss Prevention (DLP) solution strategy for the enterprise, the discussion turns to a point where project teams examine DLP solutions for mobile devices as data on these devices can be accessed from anywhere and everywhere. Therefore, these devices put a great risk to organizations’ data protection strategy. The key question is how to protect the confidential data that gets accessed, processed or stored on the mobile devices as an endpoint in the enterprise environment.

There are solutions that can be implemented if the endpoint is a traditional PC or a laptop by pushing out corporate data protection policies down to the endpoints by deploying data loss prevention agents to the endpoints to monitor and prevent confidential data as its being access, stored and transfer in/out of the endpoints.

However, proliferation of mobility in the enterprise environment seems to be a new challenge for every enterprise in trying to protect data on the mobile devices. The reason being that simple confidential data can be accessed via mobile devices using an email client, web browser, an app like Facebook, cloud apps like Dropbox, OneDrive, Google Drive etc., with or without the permissions of IT. Therefore, it raises the risk that confidential data can be compromised or lost from the devices, and require a strategy for organizations to put appropriate solutions and controls in place to monitor and detect any confidential data without putting confidentiality at risk.

So the question remains unanswered, what sort of technology can enterprises include in their data protection strategy to prevent data loss from the mobile devices and what are the solutions available today to address these challenges.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         

There are many vendors who claim to offer mobile DLP solutions to monitor and protect confidential data in mobile devices and protect against inadvertent and malicious loss of data by monitoring email and web traffic, mobile apps. However, none of these solutions is mature enough and can be implemented and operated operationally. The second reason is technology is changing every day.

These products are mostly a complement to mobile device management (MDM) solutions and require a VPN connection to corporate servers in order to monitor and prevent confidential data leaving the corporate network. Effectively, there is not a mobile DLP solution available today for enterprises to add to their data protection program strategy in the longer term due to the fact that it requires unique architecture and challenges to be able to monitor and protect confidential data leaving the corporate environment.

In addition, Enterprise Mobility Management (EMM) suite is an another option for enterprises to consider, evaluate and assess their feasibility to implement and adopt mobile data protection solution for the mobile workforce. EMM solutions are designed to help manage and protect confidential data and are specifically designed for unique use cases like protecting Office 360. But they need to be evaluated to see if the solution meet corporate security policies, security standards and regulatory compliance requirements. One needs to evaluate EMM capabilities and its functionalities strategically, and what values it really can bring to the enterprise when it comes to the enterprise data protection program.