Mobile devices are increasingly being brought into enterprises by end-users, yet surprisingly, companies rarely have the same level of security procedures and software in place to protect precious data on smartphones or other mobile devices as they do on their desktop PCs or servers.
Although to date, the amount of malware targeting mobile devices has been less than those aimed at traditional computing devices, there has been an increase in mobile malware in recent years and the trend shows no signs of stopping. Combine this increase with the risk of device loss and theft, and this creates a serious security vulnerability.
To help enterprises reach the necessary levels of security for mobile devices and the sensitive data they access, the mobile industry as a whole must begin shifting towards a complete approach to security and management.
Below are my five top tips for securing mobile devices in the work place.
- Employ mobile security software: Security solutions that feature network access control capabilities can help to enforce compliance with security policies and help to ensure that only secure, policy-compliant devices can access business networks and email servers.
- Use two-factor authentication technology: Most networks require a username and password to identify users, but usernames and passwords can be compromised. Using two-factor authentication technology provides a higher level of security when users log in to the corporate network. Quality authentication technologies extend the same safety measures for when users log in from a mobile device.
- Protect your data from access: Corporate email and data from line of business applications on smartphones often contains intellectual property or information subject to government regulation. The loss or theft of the device exposes sensitive data and may result in financial loss, legal ramifications and brand damage. Strong password/PIN policies prevent unauthorised access to the mobile device and its data. Employing mobile encryption technologies provide an added level of protection for data communicated and stored on mobile devices.
- Consider remote access: Remote wipe and lock capabilities enable an enterprise to remotely delete all of the corporate data on the device to ensure that the data cannot be breached. Another consideration is as individual-liable mobile device permeate enterprise networks, organisations need a granular control over these remote wipe capabilities so that only the corporate owned data can be wiped.
- Build a network-wide policy control and enforcement system: As malicious threats designed to be to attack through mobile networks increase, businesses need to ensure that they’re protecting themselves from them. By building a network wide policy control and enforcement system, these networks are guarded against malware. This network wide solution must include an application level security policy that protects against the types of traffic entering the network, including the web, SMS, MMS and so on.