Balancing the benefits and risks of mobility

  1. Secure the device

    Example of the risk: One of your company's top research scientists absentmindedly leaves his handheld at a table in a popular coffee shop after he comes up with a breakthrough new formula for a major product. Not only is his formula vulnerable to theft, but also he didn't back up his most recent work.

    Solution: To ensure device security, administrators must provide user authentication through features such as power-on password and centralized management of user access to applications and data. Data stored on the device must be encrypted, and IT must be able to lock down or delete data from misplaced devices, as well as back up and recover critical information.
  2. Guard against malicious code

    Example of the risk: A top sales associate logs on to check e-mail between prospecting appointments. She sees an e-mail from someone she doesn't recognize, but it has an intriguing title line, so she opens it, and the attachment that came with it. The attachment contains the latest computer virus. Her device has antivirus software, but it's terribly out of date.

    Solution: To keep devices safe from viruses and hackers, IT must transparently distribute and install antivirus updates and software patches. Effective front-line security monitors and enforces systems and application settings each time a device connects to the LAN, keeping track of who has accessed information. Retrieving client-scan log files also helps analyze who is accessing data and applications on the front lines.
  3. Secure connections to corporate networks

    Example of the risk: Your CIO accidentally leaves his handheld in the airport terminal just before he boards a flight to return home from a conference. His device contains cached passwords that would allow anyone with computer knowledge to gain access to your network.

    Solution: To secure data during transmission, effective front-line security must authenticate users and devices during each connection to the corporate network. In addition to ensuring safe data transfer over the network through encryption, IT must verify compliance with security standards for antivirus software, patch levels and personal firewall settings before allowing a connection.
Opinion by Joan Herbig

  4. Block network-based intrusion

    Example of the risk: A sales rep is at the local coffee shop, taking advantage of the available wireless network hot spot to review e-mail on his handheld device. At the same time, a competitor's rep across the restaurant is busily trying to use the wireless network to gain access to the rep's contact database.

    Solution: To limit unauthorized access to corporate data, administrators must transparently distribute, install and maintain personal firewalls. At every connection from the front lines, software settings must be enforced and intrusion attempts must be monitored. With systematic reporting and alerts, administrators can identify and correct weak points in the network to limit intrusion.
  5. Centralize control of policies

    Example of the risk: Your new corporate security policy has covered all the bases. Unfortunately, the people in receiving haven't completely adopted it yet. They're still doing their own thing. Your IT experts suspect that problems are originating there, but they don't have any data with which to prove it.

    Solution: To unify security practices across different user groups, security policies must be centrally managed through established policies and corporate directories. Consistent reporting must be available to audit policies and ensure they are enforced.

The benefits to be gained from the growing number of mobile devices and technologies will continue to grow. Businesses that take an assertive approach to understanding how mobility can benefit their organization and creating effective solutions will thrive. Those that take a head-in-the-sand approach will be left in the dust.

A security checklist

Whether your company decides to employ a third party to assist you in developing a thorough security policy or whether you decide to go it alone, you can use this security checklist to help evaluate the project. Addressing all of the key issues around securing handheld devices assures that they become important corporate assets, not a significant corporate liability.

Security Checklist for Mobile Devices

Each challenge is followed by its security measures.

Challenge: Secure the device

  - Enforce strong power-on password protection that users can't bypass or turn off.
  - Remotely lock devices that are lost or stolen.
  - Proactively wipe data from devices when necessary.
  - Reprovision devices in the field.
  - Encrypt sensitive data stored on mobile devices.
  - Manage, distribute and install security patches (operating system, browser, Web-enabled apps) transparently via an administrator.
  - Regularly back up key data from mobile devices to the corporate network.
  - Educate users about the importance and the means to protect their information.

Challenge: Guard against malicious code

  - Distribute and install antivirus updates and software patches immediately and in a manner that is transparent to the user. Monitor and enforce system and application settings each time a device connects to the LAN, keeping track of who has accessed information.
  - Retrieve client-scan log files to analyze who is accessing data and applications on the front lines.
  - Educate front-line workers.

Challenge: Secure connections to corporate networks

  - Authenticate users and devices during each connection to the corporate network.
  - Encrypt data to ensure safe transfer over the network.
  - Automate an inspection that verifies compliance with security standards for antivirus software, patch levels and personal firewall settings before allowing a connection.

Challenge: Block network-based intrusion

  - Distribute, install and maintain personal firewalls transparently via an administrator.
  - Enforce software settings.
  - Monitor intrusion attempts at every connection from the front lines.
  - Identify and correct network weak points to limit intrusion with systematic reporting and alerts via an administrator.

Challenge: Centralize control of policies

  - Implement centrally managed security policies complete with established written policies and corporate directories.
  - Audit security policies and ensure they are enforced with the use of consistent reporting.

Copyright © 2003 IDG Communications, Inc.
