If things are slowing down on the run up to the holiday weekend, it was a busy week in GRC. Symantec research shows iOS and Android to be more secure than PCs, OpenText is offering archiving and records management of social content through Social WorkPlace, Cabinet NG digs deeper into the legal space and Clearwell looks at cloud computing and e-Discovery.
How Secure are iOS, Android?
The research, entitled A Window into Mobile Device Security: Examining the security approaches employed in Apple’s iOS and Google’s Android, took an in-depth, technical evaluation of the two main mobile platforms, Apple’s iOS and Google’s Android, to understand the security risks of each.
Chief among the findings is that, while the most popular mobile platforms were designed with security in mind, these provisions are not always sufficient to protect sensitive enterprise data that regularly finds its way onto devices.
Complicating matters, they are increasingly being connected to and synchronized with an entire ecosystem of third-party cloud- and desktop-based services outside the enterprise.
Some of the principal findings include:
- While offering improved security over desktop-based operating systems, both iOS and Android are still vulnerable to many existing categories of attacks.
- iOS’s security model offers strong protection against traditional malware, primarily due to Apple’s rigorous app certification process.
- Google has opted for a less-rigorous certification model, permitting any software developer to create and release apps anonymously, without inspection. This lack of certification has arguably led to today’s increasing volume of Android-specific malware.
And there’s a lot more besides. Before drawing any conclusions about one or the other, it’s worth taking a look at the report, which can be downloaded here for free.
OpenText Offers Social Content Archiving
OpenText (news, site) took advantage of the recent e2.0 conference to announce the release of the upgraded Social WorkPlace v2.0, which added functionality as well as optional integration with ECM Suite 2010, giving it muscle that most other social media applications can only wish for.
The result is a product that can archive content created during projects in compliance with an organization’s regulations and policies, as well as offering records management control to an enterprise content repository with minimal intervention from technical staff.
Providing out-of-the-box functionality as a SaaS or on-premise deployment, this version has added enhancements to wiki editor, chat and records management and information governance through the ECM Suite. Interested in more?
Clearwell Looks at Cloud Computing
The survey, Trends in E-Discovery: Cloud and Collection, gathered responses from more than a hundred Fortune 2000 enterprises and government agencies, and showed that cloud-based applications defined as in-scope for e-Discovery practically doubled in the past year, from 30% in 2010, to 60% for 2011.
Still, only one quarter of respondents deemed their organization truly prepared to handle e-Discovery requests involving the cloud. Check it out here.
Cabinet NG Digs Deeper Into Legal Vertical
Cabinet NG (news, site) dived deeper in the legal vertical with the announcement that it has signed new VAR agreement with Summit Global Services, a provider of document management and workflow solutions to document intensive industries including legal, medical, insurance and financial institutions.
The agreement allows Summit to include CNG's products, including CNG-SAFE and its hosted version, CNG-ONLINE, as part of its product portfolio.
CNG-SAFE has been building on its repository and workflow features for a long time and offers users the ability to interface between other software applications, enabling integration, compliance, secure user access, scheduling and management tools for its users.
It also improves document security by providing security settings for individual documents, users and groups to protect confidential data. CNG-SAFE helps improve client service, increases billable hours and manages risk, while improving filing and retrieval efficiency, and profitability across the organization.
How Much Data Are You Losing?
Key findings from the report, Understanding Security Complexity in 21st Century IT Environments, shows respondents cited customer information (52%) as the most common type of information compromised -- in addition to intellectual property (33%), employee information (31%) and corporate plans (16%).
With the adoption of Web 2.0 applications and more mobile devices connecting to the network, organizations are challenged with enforcing better data security and IT Governance, Risk and Compliance (GRC) requirements.
According to the survey of over 2,400 IT security administrators, the primary cause for data loss resulted from lost or stolen equipment, followed by network attacks, insecure mobile devices, Web 2.0 and file-sharing applications, as well as accidentally sending emails to the wrong recipient. Interested in more?