To protect your company's data, you first have to know where it. That seems like a straightforward principle, but it isn't always easy to uphold, particularly with the burgeoning volume of mobile devices in the enterprise. Attempting to lock down the company network is no longer a sufficient tactic, writes CSO magazine's Bill Brenner.

Data has to be tracked not only as it enters and leaves the network, but also as it flows onto mobile devices from the cloud, and that is pretty much impossible, Brenner writes. Although it may be an unattainable goal, trying to keep track of this data will go a good ways in improving security, according to Roland Cloutier, vice president and CSO at ADP.

While technologies are not a cure-all, there are several that can be especially helpful, including authorization management, virtualization, DRM, and data encapsulation and tokenization. Once technologies are in place, the bigger challenge is to figure out how users are using data, Cloutier recommended. 

Businesses can take a tip from the use of mobile devices and social media during the uprising in Egypt earlier this year, Cloutier said. The Egyptian government tried to shutter the social network platforms and then tried to close down the Internet, but that didn't prove to be very successful. "Businesses aren't dealing with a revolutionary uprising, but there is a lesson to be had. You can no longer think of security in terms of blocking communication platforms you find threatening. The user will usually find a way around it," Brenner writes.

For more:
- see Bill Brenner's post at CSO

Related Articles:
Security advice from ex-Anonymous 'hacktivist'
Is your partner's network your weak link?
Universities' secrets for layered security