There’s already been a lot of talk about the security risks associated with mobility. How even though mobile devices make things infinitely more convenient, they also represent a significant threat to one’s organization if they’re not properly managed. This is true of any industry – including event management.
However, it may not be true for all the reasons you’d expect.
See, everybody already knows that mobile malware is dangerous. They’re aware that lost and stolen devices can release torrents of sensitive data into the wild, and that employees who fall pretty to a phishing scam can compromise an entire organization. What many of them don’t know is that these risks are themselves only part of a wider security tapestry – and that many of them are overlooking a significant portion of that tapestry.
I’m talking about file sharing.
No matter what organization you’re talking about, employees are going to engage in file sharing to some extent. It’s an inevitable side effect of the mobile enterprise, where people are divorced from desk and office and can work at any time, and from anywhere. This is, naturally, quite evident in event management – itself a highly mobile profession to begin with.
Before we move any further, there’s a few questions I’d like you to ask yourselves:
- When’s the last time I actually worked out of an office or from a desk? Do I do that more often than working while on-the-go?
- How frequently do I access applications and resources from a smartphone or tablet versus a desktop PC?
- Have I ever inadvertently emailed the wrong person?
All three of those questions will be relevant in a moment – trust me.
As far as file sharing’s concerned, people in your firm might share documents related to budgetary or client details. Guest lists containing personally-identifiable information might be forwarded to people both within your event management firm and without, and registration data is likely to change hands many times from an event’s beginning to its end.
None of this is information you want to see leaked into the wrong hands, but if you aren’t using some form of document control, that’s precisely what’s going to happen. And if you think you can trust the people on your team not to mishandle critical documents and data, think again. Especially where file security’s concerned, people are especially prone to making mistakes.
Consider, for example, a study carried out by the Ponemon Institute back in 2014, Breaking Bad: The Risk of Unsecure File Sharing. In a survey of over 1,000 IT and security professionals, the analyst firm found that 61% of employees have confessed to sending unencrypted emails, failing to delete confidential documents, or accidentally forwarding sensitive files to unauthorized recipients. Where data sharing and collaboration are concerned, the study concludes, employees sometimes have bad habits, it’s just a fact of life.
Let’s dial things back a bit. We’re discussing this issue in a post on an event management blog, after all – not a white paper. Your interest isn’t in learning the intricate technical details associated with collaboration and file sharing; you just want to ensure that your team is equipped with the means to function effectively and efficiently.
Unfortunately, traditional security measures such as firewalls don’t really provide this.
“As mobility, the Internet of Things, and the cloud changes enterprise, adversaries are also becoming more sophisticated,” writes Nathaniel C. Fick of Harvard Business Review. “States and state-sponsored entities spy on and attack private companies, often using military-grade tactics and capabilities…most companies try to deal with this by parsing signal from noise. They build walled castles around their most precious assets, but perimeters don’t matter when even the average college student owns seven IP-enabled devices.”
In other words, controlling your networks and servers – if indeed your event firm operates them – isn’t the solution. Instead, you need security that follows sensitive assets as they travel between employees, clients, and team members. You need a document control platform.
By controlling access to your sensitive documents in such a way that only authorized parties can access them – and in such a way that what they do is tracked and monitored – you can ensure you and your clients don’t have to deal with any embarrassing security flubs. And by making that control both convenient and intuitive, you can implement this security in such a way that it empowers you and your team, rather than hindering them. Sounds pretty sweet, right?
So have a chat with your IT department – or do a bit of research yourself, if you’re savvy enough.
There’s been a lot of talk about the dangers of mobility. But what a lot of publications seem to like leaving out is that mobile devices themselves aren’t really a threat – it’s the people using them. By implementing a strong document control platform,