Endpoint Security...I Should Have Known Better.

shutterstock_302508602.jpg

Imagine yourself jetting off to enjoy a milestone weekend with your son at college, navigating the joys of LaGuardia Airport, two shuttles to get to your rental car, and starting to relax as you enjoy a nice drive up the Hudson River Valley.  Finally arriving at your hotel and fired up for a great weekend, a feeling of panic comes over you as you realize that your backpack, with your PC, iPad, cars keys and other personal items did not make the trip north.

They say in an accident your life flashes before your eyes.  My first reaction when I realized I’d left my backpack on the rental car shuttle was a similar experience.  My emotions ran the gamut – from the inconvenience of replacing the devices, to the hassle of having to Uber home and then back to the airport to get the car, to an escalating dread as I mentally inventoried both the data and the security settings on the devices I’d lost.

Fortunately for me everything ended up fine.  The fine folks at National Car Rental pointed me to a lost items website and sure enough, among a surprisingly long list of lost and found items, there was a backpack turned in that day.  We drove back down and picked up the backpack, hit the reset button on the weekend, and enjoyed a great trip.

What did I take away from this incident?  Many were lessons I already knew, but had filed under “it won’t happen to me.”  Guess what?  It happened to me.  Suddenly, the drum beats around foundational data assurance concepts like encryption, password strength, back-ups and general security best practices went from “yeah, yeah I hear you” to “AB-SO-LUTE-LY!”

Many common-sense security configurations and precautions your users can execute themselves, either on their own or with a little guidance from IT.  But if you’re managing a portfolio of devices for your organization, or are concerned about the liability for sensitive or regulated data, do you really want to rely on a “trust me” model?  And an approach that if a device is lost or stolen you have limited visibility into exactly what that means for your customers and company?

For me, I typically don’t purchase the “extended warranty” on devices I purchase in my personal life.  It’s a form of insurance I choose to roll the dice on, especially given that the cost to replace is usually manageable for me.  But there’s nothing quite like an incident like this to drive home the point that the “insurance” offered through end-point security and mobile device management services is not a nice to have, but rather quite simply, a business requirement.  The risk to me in this incident was primarily personal; the risk in the enterprise is significantly higher, especially in cases where PII or PHI is involved.

GuideIT offers solutions around securing end-user compute and mobile device management.  We offer these services in an easy to understand, price-per-device, per-month, and the services integrate directly into either our managed services offerings or your own service management processes. 

Late that night, prior to learning that the backpack had been turned in, I fretted over and over about how painful my Monday would be when we got back from our trip.  All I could say to my wife was “I knew better.”  As mentioned, it all worked out fine for me.  But when your moment of crisis arrives, and trust me it will, ask yourself:  will it be a mild inconvenience, or will you have to look your customer, leadership, or even a law enforcement official in the eye and say “the really sad thing is…we knew better…

Authored by: Mark Johnson, Vice President, Commercial for GuideIT