Best Practices for Mobile Mania

Have you ever walked into your users' offices and looked around at all the devices they have attached to the network? You'll probably see cell phones, MP3 players, digital cameras and other small handheld gadgets.

For every device strewn across the desk or resting in its cradle, there is an accompanying application running somewhere on the computer desktop. There are also folders of songs, images and ring tones on the hard drive.

So what are you going to do about it? While mobile devices seem innocuous -- after all, what harm can a cell phone do to your network? -- they can be detrimental to the overall safety and performance of your company.

Take, for instance, digital cameras. Many now come with expandable memory sticks that can hold gigabytes of data. This creates risks for your network on several levels. First, those memory sticks can be used to hide data from your network. Second, files transferred from devices to networked computers pose security risks, because they can hold viruses or be used to access corporate assets. Third, applications used to transfer and manage images take up valuable computing resources. Fourth, images can be hefty files and therefore take up hard drive and backup storage space. And finally, chances are if users are uploading their pictures, they intend to share them with co-workers or others via e-mail, which could potentially bog down your company's e-mail system. You'll also end up archiving image attachments, again wasting valuable storage space.

These are the risks of just one type of device. Multiply this by the number of devices per user, and you can see how quickly gadget mania can get out of hand.

Some IT managers have gone so far as to completely ban noncorporate devices from being hooked onto the network. They use Universal Serial Bus port monitors to ensure that devices aren't being connected directly to computers on the network. They also use network monitors to detect if new applications are being loaded, such as the applications that drive these gadgets.

Other IT managers turn to acceptable-use policies, such as those I discussed in the last column, to educate users about the risks gadgets pose to the company's network. They believe that if users understand the dangers involved, they will be less likely to put the network at risk.

While you must make users stakeholders in the security of the network, relying on their good will alone is foolish. Not because all users are evil -- quite the contrary. But they have short memories and will forget what they agreed to as soon as they get that brand-new BlackBerry or iPod. And we've blurred the lines between home and office so much that they tend to forget that the laptops they take home are still company property and should be held to the same rules as if they were in the office.

I've talked with some IT groups that insist on buying all the gadgets for their users so that they can better control their usage. For instance, IT groups for insurance companies might purchase digital cameras for their claims adjusters and then make sure that only those digital cameras are allowed on the network. Others put out a list of approved gadgets and applications so that they know what they're supporting. Some use policy management software to automatically limit who can use what devices and what applications. At one university, the IT manager drills down even further, creating policies that outline when the devices and their associated applications can be used so that critical bandwidth is not chewed up during regular business hours.

Again, it goes back to what I discussed previously -- what risk can you afford to take. If your network is low-profile and chock-full of bandwidth and other computing resources, then you might not care if your users go crazy with their gadgets. But if you carry sensitive information, are bandwidth-constrained or cautious about desktop usage, then you need to immediately create a comprehensive gadget strategy that protects the security and performance of your network.

Copyright © 2006 IDG Communications, Inc.

9 steps to lock down corporate browsers
  
Shop Tech Products at Amazon