UK leads the way for security of mobile workforce; US needs to step it up

I’ve traveled around many parts of the world and it’s been quite surprising to me that the US seems to be behind in finding ways to adequately protect mobility. When I say mobility, it’s more than just smartphones and tablets too, although this is a part of it.  But, mobility in general and cohesive protection for organizations seems to be a bit behind in the United States when compared to other places such as the UK.

These are my own personal observations of course, but I wanted to understand why?

I’ve had the most time in the US and the UK and have seen the greatest contrast there so I think these will serve as a reasonable example.  But I do see the trends also occurring in the rest of Europe with a note of focus in the Nordics in particular where mobility has been a way of life for quite some time.

From an innovation perspective, I still see the US leading with the development of a number of new technologies around mobility.  Companies are still innovating in the US and we’ve seen some of these companies seeing great levels of funding and success around the world.  Companies like Air-watch and Iron Mobile have dominated the media attention and have built considerable business helping to secure mobile devices.  But, the international competition is growing quite substantially.  There are many non-US companies who are building great, innovative technologies to support mobility.  I still give the edge to US companies in this area though (but that advantage is growing smaller over time).

On the deployment side however, I see a large difference between US and other countries like the UK.  The UK is quite a bit ahead on the actual deployment of technologies to protect mobility.  It’s also not just limited to protecting mobile devices but looks more broadly at an overall picture.  What I see is a higher level of awareness that mobility also includes laptops, home PCs, internet cafés and other ways of accessing information in addition to smartphones and tablets.

I believe there are several very significant reasons for the UK being ahead on the deployment side.

The first is media exposure.  When someone loses information, particularly when it’s a government agency like a local county council, the media holds nothing back when lambasting the organization that has lost the information.  This has been very common when someone has lost an unencrypted laptop with lots of personally identifiable information on it, or when a security breach allows for the exposure of confidential information.  The media are really quite severe and it has a very big impact on both attention and reputation for the offending group.

The second area is the government now levying significant fines on organizations that are seen to violate the public trust with regards to loss of this personally identifiable information.  The UK government is actually fining their own agencies when there is a lack of proper protection for information within the various organizations.  The principal areas for this are from my observations have been within local government councils and healthcare (which in the UK is also government run through an affiliation of local government trusts as part of the NHS – National Health Service).  Government is policing itself and penalizing organizations that don’t comply with mandates to protect confidential information.

In addition, government now has the ability to levy fines on private companies for up to 500,000gbp (about $750,000 US) for their transgressions regarding loss of confidential information.  I think these factors have contributed greatly to a broader push to get organizations more comprehensively covered.

I don’t see the same push within the US, at least not to the same degree.  We aren’t seeing the same commitment from government, or at least not the same levels of “persuasion” to address the situation appropriately.

Don’t get me wrong, we have seen some very high profile cases in the US.  There have been situations where large companies have lost 10’s of millions of credit card details to hackers.  This does get coverage to a degree.  But the outrage that exists in the UK for someone who lost a few thousand healthcare records seems to me to be far greater than many millions of records here in the US.

Many factors play into this of course, and I’m sure there will be people who will disagree with what I’m saying, but these are my personal observations and in my travels and in my own business, I see evidence that this is quite true.