We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Is end point security a waste of time?

Trying to lock down every possible device used in the workplace may face a losing battle

The first board member at your organisation to walk through the door with an iPad did the IT team a massive favour. Put bluntly, there was no longer an argument. They had to ease the purse strings on your requests to fund management and security systems to go with your enterprise mobility projects.

With a Forrester Group survey of 10,000 information workers finding that a quarter of devices used for work are now smartphones or tablets, not laptops or PCs and that half of all workers are using three or more devices to do their job, the challenge is growing.

Those trying to lock down every possible device, from a private smartphone to a company laptop, may face a losing battle. Similarly, securing every network, from VPNs to WiFi hotspots is beyond the capability of a centralised IT department. Security experts are therefore moving their focus away from the device and the network and on to the data.

Encryption has been around for a long time, but it is usually reserved for special cases of data, such as sensitive medical records or financial transactions. Applied more broadly, it can act as a catch all deterrent to hackers by rendering data worthless for re-sale, security experts argue. This takes the pressure off securing networks and devices.

However, an order of magnitude extension of encryption policy is not without its overheads. At the moment encryption keys are managed at the application or server level, whether that is for email, database or on the laptop. IT departments need to introduce a corporate policy to distribute escrow and revoke keys; otherwise the process could become unmanageable.

Tokenisation offers a second option for companies wanting to protect data. Here, all or part of the sensitive data is replaced by a token, which can be exchanged for the real data, held in a secure location. It is widely and effectively used in the card payment industry, but relatively new to the wider corporate world.

A third option, masking, hides real data by scrambling it to create a new data string, while retaining the properties of the original data, although it is only useful during development and testing.

While there are strong arguments for taking a more strategic approach to protecting business data, it is not time to throw out the firewall and anti-virus software.

Even without data theft, viruses can clog up infrastructure and consume IT resources, and hackers can cause untold damage to corporate reputation, as well as disruption to IT assets. As such, renewed focus on data security becomes one more weapon in the fight against cyber vandals and criminals.

IDG UK Sites

Android One vs Android Silver vs Google Nexus: What is the difference?

IDG UK Sites

2014 Mac mini release date, specs, rumours: When's the new Mac mini coming out?

IDG UK Sites

Long live the internet fridge: the Internet of Things is coming

IDG UK Sites

How Prometheus' colourist Juan Ignacio Cabrera gave a tense, edgy feel to Chosen