Mobile Security 101: An Executive Guide to Mobile Security
- 20 November, 2008 12:09
- Comments
- Where do I start when securing mobile devices?
- Who is responsible for device security?
- What security do mobile devices need?
- For the mobile devices I do need, isn’t password protection sufficient?
- So how do I secure the data itself?
- How do I manage passwords and encryption across the devices?
- I can’t find sufficient security tools for PDAs, smart phones and so on. So how do I handle them?
Mobile Security
Laptops have become so inexpensive that they’re standard equipment at many enterprises. BlackBerrys are all the rage among travelling execs. Mobile phones and PDAs are merging into smart phones that allow mobile e-mail, Internet and even corporate network access, as well as the ability in some models to work on spreadsheets. Copying company data onto USB thumb drives and other removable media has never been easier. Critical enterprise information is leaking onto mobile devices whose risk of loss or theft is much higher than it is for PCs at the office.
The risk is not theoretical. According to the Privacy Rights Clearinghouse, 56 potential breaches of clients’ personal information involving laptops and other mobile devices — typically stolen or lost — have been disclosed publicly from Jan. 1 to Oct. 24, 2006, involving the personal information of at least 31.68 million people. And that doesn’t count breaches of corporate data not covered by various state breach-disclosure laws.
Fortunately, security methods aren’t theoretical, either. There are concrete steps an enterprise can take to secure the data on its mobile devices.
Where do I start when securing mobile devices?
The best way to secure company data is not to store it on client devices in the first place, advises Eric Maiwald, a senior analyst at the Burton Group research firm. If data resides on servers and within the data centre, with access permitted only over the network, there is no local copy to lose if a laptop or PDA is stolen or lost. This strategy also protects PCs in the office; after all, they can be stolen as well. While it can be more convenient for an employee to work from a local copy of data — on a laptop transported home or on a thumb drive — the high availability of broadband access and the maturity of remote-access technologies, such as laptops and smart phones, is rarely much less convenient. This approach also provides better security while still letting people work in multiple locations and with multiple devices.
Unfortunately, many companies have issued laptops as the standard PC, a strategy that undercuts security. Only employees who need to work while travelling should be issued laptops; examples include senior executives, salespeople, auditors, field technicians, some marketing staff and telecommuters. The rest can use PCs or computers at home or at satellite offices.
Enterprises that limit the use of mobile devices and discourage the use of locally stored data will still find exceptions that require local data storage on mobile devices, but these exceptions will be few and their small numbers will make them easier to manage.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- Bookmark this page
- Share this article
- Got more on this story? Email CIO
- Follow CIO on twitter
- Think print, Think security - Plugging the printer security gap
- The mobile print enterprise - How IT consumerisaton is driving anytime, anywhere printing
- Control your Print Environment
- Get the Whole Picture Why Most Organizations Miss User Response Monitoring—and What to Do About It
- Stopping Fake Antivirus: How to Keep Scareware off Your Network
-
China's Alibaba sees big growth with AliExpress site
-
Pfizer's Future Depends on IT Transformation
-
10 Tips for Dealing with a Bully Boss
-
Social networking security in the workplace
-
Facebook stock slumps for third day
-
Case Study: Keeping information on the move: Clearswift protects Maman, the logistics experts
Time is money. Every minute a consignment is held up in transit costs money and causes problems. Web and email are mission critical business tools that enable Maman, and their customers, to efficiently collaborate with partners across the globe. Spam, and other web based threats can result in delays that ultimately lead to missed deadlines - keeping the lines of communication open is therefore a key priority for Maman. Read on. -
Why performance management? A guide for the midsize organisation
Midsize organisations are uniquely positioned to take advantage of a performance management approach to business. Compared with larger companies, they have more agility to bring information and people together and respond faster to changing market conditions. With one performance management solution, midsize companies can turn disconnected data into information, turn information into valuable insight and turn insight into action. -
NetScaler 2048-bit SSL performance advantage
Citrix® NetScaler® provides advanced layer 4-7 traffic management and load balancing. Like other leading Application Delivery Controllers (ADCs), NetScaler can offload computationally expensive SSL processing responsibilities from web and application servers to speed the delivery of SSL-protected applications. Learn more.
Get exclusive access to Invitation only events CIO, reports & analysis. 
Comments
Post new comment