In 2012, security, identity management and data entitlement will be very high priorities for organizations of all sizes and in all markets. Not only will the growth in the percentage of our workforce that teleworks amplify this issue, but also the prevailing allowance of organizations that encourage employees to “bring your own device” (BYOD).

Analysts report that in 2011, more consumers did the majority of their shopping online than ever before. The 2011 ISACA “Shopping on the Job” survey found that nearly one-third (32 percent) of people who shopped online this holiday season did so using either a mobile device provided by their employers or their own device that they also use for work purposes.

These results are horrifying and paint a very scary picture. The same devices that many employees use every day for work also process countless e-transactions across unsecured public networks.

Is your IT department ready for this? Can you support a myriad of varying laptops and other devices that aren’t company-issued? Is your team prepared with a universal remote device and access policy?  Have you considered policies about where corporate data is stored or what device it is saved on?

If not, the network and security ramifications could have an incredibly adverse effect on your business.

When employees work from home or on the road, they most often use personal devices such as PCs, laptops, tablets or smartphones, which means that sensitive company data and information is not safe inside the company’s firewall. Instead, it is quite vulnerable to a never-ending range of security breaches. The same ISACA study reported that 44 percent of respondents indicated that their enterprise allows employees’ use of IT assets and time for personal purposes, and 38 percent allow the use of personal mobile devices for work purposes.

At Route1, we believe that the time to address secure, remote access is now.

For MSPs, VARs and other solutions providers, this trend should sound an alarm for you as it presents a tremendous opportunity. Proactively addressing security and remote access will endear you to your customers, as it demonstrates your commitment and forward-thinking approach.  And more often than not, a cost-friendly, easy-to-use solution is readily available.

For many organizations, adopting data entitlement practices may be the most powerful way to mitigate risks as well as the easiest path through which to address this problem. Gone will be the days of any employee being allowed to access and store sensitive information on personally owned devices.

Employees must have tools that provide them with a mobile computing experience identical to that when they are in the office – with the exception of being able to extract data outside the enterprise firewall. Confidential data and information stored on personal devices – such as smartphones, tablets, laptops, and USB drives – are a liability waiting to happen and an open door for hackers, viruses or other external threats.

Also of note is that the time for true multifactor authentication is long overdue.  Passwords and pin numbers are nowhere near enough.

The organizations that think they have time before investing in a sound security policy, or feel constrained by prior invested capital in poor security solutions, will undoubtedly find themselves on the wrong side of an attack or breach.  There are just too many threats out there, and the extent of damage they can cause is growing exponentially.

Obviously, this threat is very real as not a day goes by that a security breach doesn’t make headlines.  As such, it is up to IT departments – both internal and outsourced – to make sure that they proactively address this situation before catastrophe strikes.

TONY BUSSERI is CEO of Route1, a global provider of security and identity management solutions. The functionality inherent to the company’s software, combined with its MobiKEY devices and integration expertise, empowers organizations such as ING, the US Navy, the Department of Homeland Security and the Canadian Government with the tools for secure remote user access, identity assurance and multifactor authentication. Contact Tony Bussseri at This e-mail address is being protected from spambots. You need JavaScript enabled to view it .