Mobile Devices Access: Quocirca Research
Recent Quocirca research among European, US and Australian small businesses shows how far the trend to consumerisation of user access to IT has progressed. Over 70% of those interviewed said they allowed at least some of their employees to access certain data and applications from their personally own devices.
When Quocirca speaks with chief information security officers (CISO) in larger businesses they admit that one of the reasons their organisations are also observing the same trend is that in practice it is hard to stop. Senior staff will insist on such access, junior ones will seek ways around controls, including the use of other communications channels if they are blocked from access to formal ones, such as corporate email, from the personal devices.
However, as the Quocirca research shows, there are positive reasons for allowing such access. The use of smartphones is fundamental to enabling remote working. Over 90% of the small business managers interviewed had staff that worked out of the office at some point during the week and they were the ones most likely to be using such devices for remote IT access.
Of course, it is not just smartphones. Many of those employees will already have notebook and laptop computers and they are also rapidly turning to tablets. Over 40% of the respondents in the recent research said some of their employees were using such devices and another 20% expected this to be the case within 12 months.
Information Workers: Benefits and Problems
In many cases, remote workers, for example field service engineers logging faults and social workers filing home visit reports, will be using company-issued mobile devices to participate in locked down business processes. However, for a growing majority it is simply about more flexible working and access to information as and when it is needed – such information workers are behind the mobility revolution that is going on in the IT industry.
However, regardless of all the benefits, information workers present their employers with a problem. How do you keep control of the information itself? How do you benefit from mobility and consumerisation without losing control, becoming a victim of data loss and coming to the notice of regulators? There is also a problem for the users themselves. As they switch from one device to another for convenience, how do they get a consistent view of their data?
Reducing the Risks
There is no silver bullet for solving the employer’s problem, but there are ways of reducing the risks. First, a business must take as much control of its data as it can. It is possible to secure mobile devices themselves using encryption and host based end-point security, but there is the problem of device ownership; installing software on the users’ own devices creates licencing and management issues.