Secure data-sharing in a mobile world

by Andrew Millard, senior director marketing, EMEA, online services division at Citrix
 
Andrew MillardThe development of bring your own device (BYOD) policies has become more commonplace, as businesses across all sectors and of all sizes recognise the need to respond to growing pressure to enable staff to use personal devices in the workplace.
 
A recent Citrix-commissioned global survey of senior executives and managers highlighted that the greatest pressure is coming from employees within the business. More than one quarter (28%) of respondents in UK businesses for example cited this as a key driver, compared to 14% pointing to external commercial forces and only 8% to regulatory changes.
 
As elsewhere, much of the focus for banks and other organisations centres on making employees’ lives easier by using one device for both business and personal use. This is one of a number of key elements in enabling greater workforce mobility, which is proving to deliver tangible benefits in improved recruitment and retention. Similarly, previous fears of loss of output are proving unfounded, with almost two-thirds of businesses across all countries surveyed confirming measurable productivity benefits of up to 30% and more as a result of a ‘work anywhere, with anyone’ strategy.    
     
Yet for the banking and finance sector in particular, significant concerns remain in moving to a more flexible, mobile workplace. Earlier worries over loss of management control may be disappearing, but security remains the number one barrier to enabling remote access to the corporate network and application and document downloads. From both a corporate and a public perspective, there can be no compromise when it comes to protecting customer information.  
 
As a result, firms are exercising extreme caution in moving to a more cloud-based collaborative environment, considering only those web-conferencing solutions which guarantee the highest levels of confidentiality, integrity and data availability and security in dealing with their corporate and individual customers.      
 
Data access – a best practice response
File sharing is a key area where technology has moved on significantly in addressing corporate concerns over security.
 
Secure mobile access to enterprise data is a critical component in enabling user productivity and organisations require an enterprise-class solution to deliver it. The answer is to mobilise user data from Microsoft SharePoint, network drives and virtual desktop environments, at the same time providing the IT team with comprehensive control to secure enterprise data everywhere.
 
Historically, IT departments throughout the finance sector have faced a major challenge in enabling secure access to this data from outside the corporate networks or from mobile devices. Established file sharing services have needed the secondary step of migrating or syncing SharePoint or network drives data in order to provide secure access to data behind the firewall.
 
However, best practice solutions have now taken this an important step further, with new connectors that create a direct and secure connection to data in its original location, so creating seamless integration with existing systems and applications.    
 
In making the move to a virtual workspace, organisations need to implement processes and technologies to ensure a smooth transition. With collaboration recognised as one of the most important elements of a virtual working environment, tools such as video-conferencing and instant messaging are already established as key enablers. Secure file sharing solutions now make the transition easier for all key stakeholders.
 
Work is no longer a place you go but what you do. To enable this, IT is charged with the task of supporting a wider range of devices and platforms and so is likely to respond positively to technologies that already have the required security measures in place.
 
Securing the cloud                  
Cloud-based solutions can both save businesses time and money and make employees’ lives easier and more productive. However, they bring with them their own challenges around security, especially in an environment involving high levels of sensitive customer information. In the area of file storage and transfer, for example, cloud services can present a powerful alternative to insecure email or FTP, yet it is essential for banks to select tools designed to meet their specific needs if it is to keep up with rapidly-changing work trends.
 
In recent years, news stories around breaches by hackers, lost mobile devices and service interruptions impacting on productivity have continued to cause concern around the issue of allowing a cloud service to host data on behalf of the business. Yet in many cases it is possible to adopt a cloud solution that employs robust security measures beyond what are already in use – so improving control over stored information rather than putting it at risk.
 
A best practice file sharing solution is likely to incorporate a number of key elements. Together, the following functionalities will provide a secure online portal and transfer service which is both easy-to-use and employs the same high-level safeguards as online banking at all levels of the transfer and storage process.
 
It is possible to move to the cloud without surrendering privacy. Important documents can be shared with one client, at the same time keeping all internal data and other client files invisible. Multi-level access settings ensure the business maintains total control over files and folders. The business can also determine what information each user can see and which actions they can take – including whether they can upload, download or delete files – with flexible reporting providing a complete and transparent audit trail.              
                  
Data should be protected at all times, including when it is at rest or being transferred, by employing encryption for file storage and up to 256-bit SSL encryption for transfer. This resolves the problem of email security by replacing open email attachments with encrypted downloads and is as just as simple for the user to execute.
 
Only those files that are required are retained, with all versions of each file saved so that progress can be tracked and access to older data if needed. Earlier copies can simply be deleted if no longer required. Once permanently deleted, files are permanently purged from servers and backups. Supporting this, a physical backup service can also provide a complete copy of data by DVD, flash or hard drive.     
     
Mobile security           
The cloud is an enabler of a ‘work from anywhere’ strategy, but lost or stolen smartphones and tablets can compromise data security when users work across devices. Mobile apps are available which have a remote wipe facility which removes access to files and account information instantly, offering protection against unauthorised access on a missing device. A built-in mobile content editor can also support standard SharePoint functions like check-out, edit and check-in form mobile devices.
 
Data protection also extends beyond the application to the server where the data is stored. Not only is data held on servers that meet stringent SSAE 16 audit reporting standards and are ISO27001 certified, but the security application itself is also hosted on these secure servers and undergoes third-party vulnerability testing, on a daily basis if necessary.
 
To provide maximum protection against a catastrophic event, data is mirrored to alternative servers within a dedicated backup centre, ensuring that files can be brought back online with minimum delay. This means that minimum 99.9% uptime is maintained, including scheduled maintenance.
 
Increased adoption
The availability of best practice solutions with these security features has led to growing adoption by firms in financial industries in particular to protect secure client information with encryption which meets the most rigorous national and regional privacy laws.
 
They offer a password-protected space where business file can be exchanged easily and securely with clients. This includes the ability to send large files by email, conduct a secure file transfer and provide a collaboration space where project related files can be posted.
 
As a result, by tackling these very real security concerns the final barrier to effective remote mobile working for all businesses across the finance sector has now been decisively overcome.