Preventing data loss is as much about how you manage people as it is about setting up the right policies, says Andy Baldin, Vice President, EMEA, LANDesk Software.

It’s every CIO’s nightmare: critical business data lost, stolen or maliciously exposed to a major breach of security systems or policy. Worryingly the frequency of major security failures, the scale of data loss, and the total cost of remediation and recovery have all skyrocketed as a result of an ever increasing mobile workforce and developments in mobile technology.

On average, 10,000 mobile phones and 1,000 other tech gizmos including iPods, laptops and memory sticks are left in the back of London taxis every month. Whilst you can’t stop your staff accidentally leaving possessions in taxis or elsewhere, you can introduce measures to prepare for the worst.

Prior to technological developments we relied upon a pen and paper to store corporate information and if these were left behind in public then there was no way of preventing non-staff from accessing this information. Although there is an increase in remote working with mobile technology, this gives you an opportunity to protect our corporate data.

However, currently, only one in three companies has the capability to centrally manage all mobile devices and operating systems and this needs to change. It’s no longer simply about protecting the hardware in your office, now you need to protect it when it leaves the office too.

Data security depends on a complete but flexible toolset capable of managing and securing a diverse and mobile client population, in any location, at any time. But how can you manage this without impairing the efficiency and productivity of your staff? One way would be to introduce an endpoint management to enable granular control of user access to portable storage devices such as read / write-level access control and an auditable record of file transfers to USBs.

It’s all very well limiting the amount of corporate data that staff store on mobile devices but with over three quarters of businesses employing regular remote workers, a certain amount of data will always be transferred offsite and therefore needs to be protected. A management suite can assist you in designing policies so that when an item is lost or someone unauthorised attempts to access the information, the mobile device immediately closes down and thus prevents that person from accessing any data.

When staff leave the office, you can prevent your data leaving along with them. Limiting the use of personal USBs is one way to do this, ensuring that your data can’t be used to store corporate data. You can also keep a record of the information downloaded to USBs so you can see what your staff are taking off work computers in order to prevent leaks.

Regardless of whether corporate hardware is solely intended for work-use, with applications for Twitter and employees frequently downloading or streaming music, it is becoming increasingly common for staff to install software for personal use. Application blacklisting capabilities let you prevent users from launching unauthorised applications, even inadvertently.

You can control user access to disk drives, communication channels, ports and modems. Using unsecured network connections can also risk your corporate data.

By deploying endpoint security management from a single console, you can detect and deploy security patches automatically and perform customised scans to support your corporate security policies. This can scan for multiple security types, vulnerabilities, configuration threats, antivirus compliance, and simplify patch research, acquisition and distribution and keep your network safe.

Every business wants to adopt the latest working practices to help boost productivity, retain talented staff and remain competitive. Investment in endpoint security provides a framework which enables an organisation to embrace these changes and give its staff more freedom but without creating additional risk and IT management challenge.