You do really need a policy. Your employees expect IT to protect them, and your company's executives expect you to make sure that corporate data is protected from the things that employees do with their mobile devices. But your customers also want to know what you're doing with their data, and various contractors, distributors, suppliers and anyone else in your network need to know what they aren't allowed to do.
It's bad enough that a mobile device brings the same IT threats as any other network-connected device. It has full access to your LAN and can piggyback on whatever permissions you gave its owner. And of course, if it's being accessed by a naughty user, it can try to exceed that access.
But you really need a mobile-specific policy because mobile devices can be careless with all the data they store. They theoretically can track all movements. The microphone and camera can be activated remotely. Apps can access every phone call, email or text sent or received, as well as every site visited and every tweet tweeted. Some can even send messages under your name without your knowledge (No kidding. Even the Starbucks app has demanded the ability to tweet on customers' behalf). And some apps can identify every other app being used, along with a host of tech specs, like OS version, browser, serial number of phone, Wi-Fi particulars, carrier, etc.
More by Evan Schuman
- Evan Schuman: Mobile IT Roach Motel: Data checks in, but it won't check out
- Evan Schuman: Transparency about data retention requires knowing what you have
- Evan Schuman: Your data exposed -- Delta, Facebook, others latest to fall into mobile app trap
- Evan Schuman: Get ready, IT; here comes the Internet of Things
- Evan Schuman: Bluetooth bras and bumping bozos
- Evan Schuman: App testing and sins of omission
- Evan Schuman: Fear of Glass
- Evan Schuman: Hijacked by social media
- Evan Schuman: Starbucks sat on its clear-text password problem for months
- Evan Schuman: Starbucks releases security fix for mobile app
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Privacy White Papers | Webcasts