Everything You Have Been Told About Mobility is Wrong Myth #4

Mobile solutions are a security nightmare for highly regulated industries

Mobile access to enterprise networks has long complicated the work of IT professionals. They rank mobility among their top security risks.

In highly regulated industries — such as financial services, healthcare, retail, insurance and pharmaceuticals — the stakes are even higher. Security holes can mean stiff fines, loss of accreditation and damaged brand and professional reputations.

If proper precautions are not in place, regulatory compliance is at risk every time a mobile device accesses corporate data. As a result, highly regulated organizations are forced to weigh the benefits of productivity gains against both security risks and the constant demands of regulatory compliance.

Take healthcare. Mobile devices are now part of the toolkit for most hospital clinicians, transforming how they access and use electronic patient health information. Healthcare IT is under pressure to facilitate clinician mobility for better patient care and greater clinical efficiencies. This has meant meeting clinician demands to use mobile devices (often BYO devices) with both medical and nonmedical apps on them.

In fact, research revealed that 79 percent of hospitals let clinicians bring and use their own devices while at work. Yet, at the same time, 36 percent of hospital IT professionals consider securing data on mobile devices to be a top security concern.This means many hospitals have adopted mobile technologies without being confident that they have the security to back them up.

This situation should frighten anyone concerned about compliance with the patient privacy provisions of the Health Insurance Portability and Accountability Act (HIPAA). If a data breach occurs, providers can lose community trust, jeopardize their accreditations and suffer big fines that can exceed $1.5 million.

The juggling act between complying with regulations and enabling greater employee productivity extends beyond healthcare. In financial services, for example, employees with access to real-time data can make faster and more-informed decisions and better serve customers than those without. Mobile solutions can also help financial organizations eliminate cumbersome, error-prone paper processes and cut long response times.

But financial institutions must comply with strict confidentiality requirements outlined in legislation such as the Sarbanes-Oxley Act, the Patriot Act and the Gramm-Leach-Bliley Act. Like HIPAA, these laws aim to protect a client’s private data from unauthorized access.

In practice, that protection seems wanting. Employees in highly regulated industries report surprisingly high use of free, unsecured file-sharing services: 78 percent in financial services and 55 percent in healthcare institutions.[2] Clearly, employees are accessing the data they need to do their jobs, without regard to data security.

How can IT professionals in these industries control access to corporate data and what users can do with that data on their mobile devices? How can mobility capabilities be seen as an enterprise asset and not a security nightmare?

The answer is desktop virtualization. This technology can give IT full control over confidential data, no matter what device is being used to access it. That’s because information resides in data centers, not on mobile devices that can be lost or stolen.

Plus, virtualization offers centralized management of user access to data and applications. This way, companies subject to regulatory oversight can know that they’ve locked down one of their biggest compliance risks.

Desktop virtualization is mostly transparent to users, too. They can still easily access all their applications and data from any device and do it securely via single sign-on login credentials.

IT benefits include faster, more efficient deployments, backups, security, OS migrations and patching via the data center. For example, provisioning a device can take just minutes over the network from a data center. That’s instead of the hours needed to physically install OS upgrades and applications directly on devices, disrupting their users at the same time.

Dell Cloud Client-Computing comprises an integrated portfolio of desktop virtualization solutions, including end-to-end infrastructure products, endpoint products, software and services.

These combine the latest virtualization and management technologies with Dell’s powerful pre-integrated servers, storage and networking. And Dell Professional Services can tie it all together for you — making mobility safe and secure, whether your industry is highly regulated or not.