You are currently on IBM Systems Media’s archival website. Click here to view our new website.


CISOs Can Mitigate Common Mobile Security Fears and Prevent Issues in the Workplace


A human resources director forwarded some W-9 forms from his smartphone, but he sent them to the wrong person. An accounting manager’s new tablet was stolen—right after she downloaded financial data for an upcoming meeting. A communications coordinator accidentally posted photos from his bachelor party to his company’s Facebook page.

These scenarios would mean a bad day at work for just about anyone, but especially for a CISO. As more employees bring their own devices to and from the office, many CISOs suffer from an increasingly common anxiety disorder: mobilephobia.

IBM’s e-guide, “Mobilephobia: Curing the CISO’s Most Common Mobile Security Fears,” delves into the worries and realities surrounding mobile security in the workplace. Jason Hardy, market segment manager for IBM Mobile Security and an author of the e-guide, explains the key takeaways CISOs can enact to improve mobile security.

The Harsh Reality

Every three minutes, a mobile device is wiped as part of a corporate security policy, according to a recent study by MaaS360 ( The same study revealed that businesses of all industries and sizes are clearing data from mobile devices to manage security concerns.

These facts show that CISOs have a good reason to be anxious. As the lines continue to blur between professional and personal mobile devices, new risks and threats to security arise. Unlike many phobias, mobilephobia is based on rational worries.

“We’ve been securing laptops and had a clearly defined perimeter for years,” Hardy says, “but now there are all of these new devices that haven’t been secured. Millions of people are using smartphones and other mobile devices, which means there are millions of new targets.”

Rein in Rogue Devices

In any given organization, the CISO may be struggling to manage and control hundreds or thousands of mobile devices. With those mobile devices come numerous OSes, most of which are upgraded on a regular basis, and often before the CISO has an opportunity to certify them. In addition to the OS, end users are constantly downloading new software applications that haven’t gone through the company’s security testing processes.

“Laptops were typically company-owned, and we were able to lock them down and manage them,” Hardy says. “But mobile devices are often owned by end users—and they hold the keys to adding and upgrading applications.”

Eve Daniels is a Minneapolis-based freelance writer.



2019 Solutions Edition

A Comprehensive Online Buyer's Guide to Solutions, Services and Education.

Application Integration With PCI

The problematic nature of PCI-compliance application integration makes research, analysis and planning important. It can also greatly simplify and reduce the effort involved.

IBM Systems Magazine Subscribe Box Read Now Link Subscribe Now Link iPad App Google Play Store
Mainframe News Sign Up Today! Past News Letters