– Dave Anderson, senior director, marketing, at Voltage Security says:
Gartner’s latest quarterly PC sales analysis – which showed Q2 2013 shipments down 10.9 percent from Q2 2012 worldwide, marking the fifth consecutive quarter of falling sales – clearly illustrates the shift from desktop and laptop PCs over to tablets and smartphones.
What we are seeing is the result of a massive swing away from desktops and laptops as the primary interface mechanism to data in the workplace. As users start to do far more with their data on tablets and smartphones, so their usage of PCs slumps – extending the life of a typical machine.
In some cases, users are also starting to stop using desktop PCs altogether, as adding a keyboard/case to a tablet computer is now a very popular peripheral. But the key question that IT security professionals need to ask themselves is “how does this change our data access – and data governance – requirements in the workplace?”
The trend towards tablets – as confirmed with touch-based notebooks accounting for less than 10% of total sales in the Gartner analysis – changes the data governance dynamic for most organizations, as iPads and other tablets have only limited on-device data storage facilities.
Our own observations are that tablet users tend to favor cloud-based data access services over using the company server, as this supports anytime/anywhere computing.
The challenge this creates for corporate IT professionals, however, is significant, as very few legacy security platforms can reliably extend their protection into the cloud. Not only this, but there are regulatory hurdles to be met when it comes to moving data into the cloud, as well as storing or replicating data on mobile devices.
Notice I said storing AND replicating data.
It’s important to understand that most mobile apps tend to replicate data from a remote server, rather interact or edit the remote data file. This creates all sorts of regulatory issues, most notably under PCI DSS governance rules – which are due to step up a notch with v3.0 of the rules due to be released later this year – and the Basel III stress testing and governance rules which are already being phased in across the financial services industry.
Effective data security is already a complex issue for most IT security departments, but adding mobile access – with all the challenges this entails – changes the ballgame significantly. As more and more organizations – and their employees – embrace mobile access to corporate data, it is imperative that the information governance systems they employ take a data-centric approach to the businesses’ security.