Sunday, 5 August 2007

Mobile Security an overview

Most mobile devices connect from outside the security perimeter of corporate networks, exposing them to varying levels of risk. In addition, today’s mobile devices offer many of the same features and applications that employees use on their laptop or desktop computers, including access to the Internet, business applications, calendar and contact information, e-mail etc. As a result, many of the security threats that exist for desktops will exist for mobile devices however the smaller devices are much more easily lost or even stolen!

The number of Mobile devices with wireless connectivity is on the increase. These devices make the connection back into the corporate enterprise comparatively straightforward. Therefore consideration must be given to measures that will allow for the possibility of losing or having the device stolen by ensuring that the data stored on the mobile device is also stored centrally. Be aware that these mobile devices will be out of the office for the majority of the working day, which increases their vulnerability, so thought should be given to the use of power-on passwords, Smartcard authentication and the protection of data by the use of encryption. If possible, ensure that data is held on mobile devices on a temporary basis and removed when the user has completed the work, thus minimising the risk. At present the risk of virus attack on mobile devices is low, however a number of mobile viruses have been discovered, as a result of this, virus protection must also be considered.

The security of mobile devices could be seen as a major challenge, yet taking a common sense approach reduces the effort. Treat the mobile devices and wireless connectivity as part of your IT landscape and take appropriate steps to mitigate any security risk.

If you consider the following points when looking at security, you will not go far wrong!

Radio based technologies do not respect the physical parameters of a building.

Portable devices are not contained within the physical parameters of a building and should be treated as an extension of your enterprise.

What would the impact be on your business if a mobile device was stolen or lost?

Are your employees using their own mobile computers or smart phones to access email or synchronise data with the desk top computers?

Creating a mobile device security policy will pay dividends in securely mobilising your workforce

No comments: