Recently, I have been reading about the security challenges many organizations are facing with regards to the use of mobile devices in their networks, and the various security strategies they can implement.
Use of mobile devices for business is growing at an exponential rate. This also increases the need for wirelessly-accessible peripherals, and exposure to new mobile applications. This is forcing IT departments to reassess their entire mobile security strategy and architecture.
As more mobile devices access the corporate network, the risk of data loss, leakage of valuable intellectual property, and exposure to vulnerabilities (viruses/malware) increases significantly.
So how do you plan a successful mobile security strategy? Below are some points to consider:
- Determine your mobility requirements. Who are the mobile employees and what IT resources do they need access to when they are mobile (i.e. corporate emails, calendars/contacts, corporate applications etc..)
- Establish corporate rules to give appropriate employees access to the necessary data and resources on their devices (crucial for productivity), and at the same time to ensure that this data is restricted on the device and can be wiped when required (crucial for security).
- With the constant influx of new mobile devices and platforms in the market, it is very important to decide on what devices and operating systems should be supported based on the security capabilities of these platforms.
- Decide whether these devices will be owned by the company or if employees will pay for their own devices (BYOD), while taking privacy and legal implications into account.
- Define acceptable use policies and identify security control requirements (i.e. password complexities, encryption, application control).
- Identify additional technology requirements to enforce these security policies. (i.e. MDM, DLP, Encryption, Authentication)
- Create a training & awareness program for the employees, and ensure your support staff is prepared.
If you have any questions or require assistance in planning and designing your mobile security strategy, please contact your NCI rep today.