Get mobile on device infosec policy

Powered by SC Magazine
 

Trial your mobile policies with users to guage acceptance.

Mobile devices like smartphones and tablets are quickly becoming an essential item for many Australian professionals, but there’s a high price for this convenience.

The proliferation of employee-owned mobile devices in the workplace has significantly heightened the security risk for enterprises, putting corporate data at risk.

Recent Australian Bureau of Statistics figures state there were 8.2 million mobile handset subscribers in December 2010, up from 6.7 million in June.

Gartner said more than 5.7 million smartphones are forecast to be sold this year, compared to 4.4 million last year,  and will exceed 9.6 million in 2014.

By 2015, nine in 10 mobile phone users in Australia will own a smartphone.

But before the immense popularity of mobile devices, organisations standardised enterprise mobility on a single mobile platform which were provided to a select number of employees.

However, now an increasing number of employees own personal mobile devices and want to use them for work purposes, particularly as the boundaries blur between work and home life.

Work gets personal

Practically speaking, it is very difficult to prevent employees from using their personal mobile devices for business purposes.

You need a clearly documented and enforceable mobile security policy.

Organisations should start planning on the broad security measures they want to put in place over time, not when problems arise.

You need to consider the areas of access control, data protection and malware prevention:

Access control: Requiring authentication such as a password or even voice detection/fingerprint should be implemented. Unfortunately, these approaches can also make it more difficult for the device owner and may lead to user dissatisfaction.

Malware Prevention: Security suite software runs on the mobile device, scanning for malware and viruses, and is regularly updated as new threats arise. Even applications from pre-approved vendors like the Apple App Store are not immune from malware. 

Data protection: Encrypting the data on mobile devices can provide an additional level of security. Wiping data from a lost or compromised device is recommended practice, however the large amount of personal information that is also lost could be perceived as an invasion of privacy by the end user. Today there are few robust solutions available to adequately separate access to personal and work data, although this is likely to be an area of focus for a number of vendors in the space.

The approach to adopting a mobile security policy depends on what’s driving the organisation. If a company is under pressure from senior people to deliver a quick solution for mobile device use in the workplace, a remedy would be to use an outsourcer to address the issue while policies and procedures are being defined internally.

Alternatively, an organisation could trial a pilot program with a small group of users while they define their mobile security strategy.

Finally, if an organisation wishes to manage the mobile devices itself, we would suggest that they utilise technology that can manage the range of devices people use to interact with the corporations: desktops, laptops, mobile devices and BYO devices.

This would enable the company to have a complete view of their assets (those owned by both employees and the corporation) and act swiftly in the event of a compromised mobile device.

Just the beginning

While the threat of malware on PCs is very real, the threat of mobile devices is just beginning to emerge as they become more popular.

During the next five years, use of smart devices will explode. There will be two billion smart mobile devices in the hands of consumers and business users by 2015. Furthermore, they’ll be using 15 times more mobile apps and services, as well as spending four times more on mobile transactions.

Although the number of smart devices within an organisation may be relatively small at the moment, now is a good opportunity to plan for the next five years.

As your mobile enterprise continues to expand and devices grow more robust, your security risks increase. But with careful preparation, you can leverage the latest tools and expertise to help protect your highly valuable corporate assets.

 It’s clear there is a lot to be excited about with smart mobile devices. This new group of handhelds promises to increase productivity while giving employees greater flexibility. That’s a winning formula for both employees and their businesses.

Copyright © SC Magazine, Australia


Get mobile on device infosec policy
Tags
 
 
 
Top Stories
Change is the only constant at iiNet
iiNet's Matthew Toohey is trialling IBM's Watson - between preparing for an acquisition and making sure Netflix doesn't swamp the network.
 
Why straight-through processing is the holy grail for banks
Big benefits from stripping away human intervention and digitising processes.
 
CBA sued over frozen millions in IT bribery scandal
Eric Pulier's not-for profit lodges lawsuit in US.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
New features are coming to Outlook.com
May 27, 2015
Outlook.com, thanks to its predecessor Hotmail.com, is one of the world's major webmail services ...
Windows 10 to feature integrated apps for Android and iOS
May 27, 2015
Microsoft reveals multi-platform Cortana connectivity for Windows 10. What the heck is that, and ...
Microsoft launches Office for Android preview
May 22, 2015
Microsoft has launched a preview of Office for Android smartphones. Pre-release versions of ...
Microsoft is working on an iOS email chat feature called Flow
May 22, 2015
Microsoft is working on a new chat app, but at the moment we know more about what we DON'T know, ...
Windows 10 free upgrade: Microsoft details who gets what
May 22, 2015
Microsoft was meant to be streamlining its OS with Windows 10, so why is upgrading so confusing? ...
Latest Comments
Polls
Should Optus make a bid for iiNet?

   |   View results
Yes
  44%
 
No
  56%
TOTAL VOTES: 673

Vote