At a recent Enterprise Mobility event, I spoke with a few Asia-based IT directors about their journey in the age of consumerization of IT, and how they were dealing with Bring-Your-Own Technology (BYOT) at work. Their responses ranged from ‘fear of the unknown’ – as in ‘how do we deal with this trend?’ to ‘paralysis by analysis’ – as in ‘let’s arm ourselves with as much information as possible, and analyze it to death.’
The issue is – their employees are already accessing corporate email on their own mobile devices – which means that these IT managers are scrambling to catch up to managing BYOT in their organizations. In fact, an IT head at a large FMCG organization admitted that he did not know where to start managing BYOT.
Security and compliance were key concerns for these IT folks, and their concerns are valid. Trend Micro predicts, for example, that 91% of targeted attacks begin with spear-phishing, a highly targeted type of phishing aimed at specific individuals or groups within an organization. This was heightened in a recent spear-phishing attack on a South Korea bank. The security provider also predicts that there will be 1 million malicious Android apps in the wild by the end of 2013 – another red flag for organizations coping with the rise of Android devices at their work place.
As data flows between countries with disparate data protection laws, firms need to ensure the safety of their customer and employee data through regulatory compliance and due diligence. However, multinational organizations often find global data privacy laws exceedingly challenging. To help our clients address these challenges, Forrester developed a research and planning tool called the Data Privacy Heat Map (try the demo version here). Originally published in 2010, the tool leverages in-depth analyses of the privacy-related laws and cultures of 54 countries around the world, helping our clients better strategize their own global privacy and data protection approaches.
Regulation in the data privacy arena is far from static. In the year since we last updated the heat map, we have seen many changes to how countries around the world view and enforce data privacy. Forrester has tracked and rated each of these 54 countries across seven different metrics directly within the tool. Among them, seven countries had their ratings change over the past year. Some of the most significant changes corporations are concerned with involve:
New national omnibus data privacy laws spanning private and/or public industry. Data privacy regulation, when looked at globally, forms a spectrum of maturity beginning with spotty industry or situation-specific laws all the way to omnibus frameworks. As you might expect, responsible corporations prefer to engage in business practices where the data privacy laws are clearly-defined and transparent. For instance, countries such as Brazil and China are in the process of moving towards potential omnibus laws which will replace a multitude of sectoral and situation-based laws. Other countries, such as Colombia and Singapore, have recently passed far-reaching omnibus laws, also replacing a patchwork of prior sectoral laws.