With NDB legislation businesses using Enterprise Mobility must acknowledge that mismanagement of their mobile ecosystem puts their company at risk. A correctly managed and maintained mobile ecosystem is essential to protecting a company’s assets, as well as for ensuring that an organisation meets their governance and compliance requirements. This is especially important in the wake of the new Notifiable Data Breach Regulations. The fine alone for a data breach could cost an organisation $2.7million while the Ponemon Institute, an international researcher conducting studies on data protection, security, and mobility, records the average cost of a data breach in 2017 at $3.6million.
On top of this, the cost of replacing lost, stolen, or mismanaged devices – such as hardware belonging to employees who have left the business, can get very high. As an example, in 2017, the Australian Taxation Office reported that it spent over $150k on replacing lost, damaged, and stolen devices. This doesn’t even take into account the risk of devices that are actively accessing company resources by users whose identity cannot be pinpointed as they have moved business units, cost centres or departments and may no longer have security clearance for accessed information.
Furthermore, the risk of cyber threats has increased with the evolution of enterprise mobility. As devices have become more sophisticated, so to the attacks relating to them. As an example, the Breach Level Index recorded that nearly 5 million data records are lost or stolen worldwide every day – an average of 58 data records every second. Last year, notable targets of cyber attacks included Equifax, Verizon, and Kmart. For these reasons, companies engaging with mobility must be aware of where their devices are, who has them, and what to do in the event that a device is missing, stolen, or has no up-to-date recorded user identity.
To circumvent issues such as these, companies must be asking:
1) Do we know how many devices we have? Can we match them to a service plan with the carrier?
2) Do we know who is using these devices/where they are/ what they are accessing?
3) Do we have a plan if a device is lost/stolen/unrecoverable? Can we remotely wipe that device?
Mobile Device Management (MDM) is the minimum requirement to mitigate the risk of sensitive information getting into the wrong hands and to satisfy NDB requirements. It does this by preventing unauthorised access to corporate data, helps ensure that mobile devices are compliant with corporate mobile policies and provides capability to remotely lock and wipe a compromised device. These features can be managed through a single console, providing companies easy access, with heightened transparency, to risk mitigation capability as well as productivity improvement.
Mobile Device Management assists with security by enabling companies to:
- Remotely deactivate devices/wipe devices that are unaccounted for or that have been lost or stolen.
- Enforce device and over-the-air encryption
- Authenticate devices in alignment with corporate identities and policies
- Monitor device health, configuration, and user privilege
- Enforce security and compliance policies for overall device security management
To find out more about how to mitigate your security risk with Mobile Device Management, and achieve compliance for NDB legislation, reach out to an imei consultant today. With 17 years of experience meeting the unique demands of a dynamic and maturing Enterprise Mobility Market, we can help you get the most out of your mobility journey.