jump to navigation

Mobile Security Practices December 6, 2013

Posted by karlkaluzny in Security.
trackback

The use of mobile technology is becoming more and more common among businesses today.  This necessarily will create a great deal of new security risks.  Ericka Chickowski wrote an article discussing the ten best mobile security practices for Baseline.com. [1]  The ten best practices that were outlined are listed below.

–          Choose devices carefully

–          Turn on encryption

–          Require authentication

–          Utilize remote wipe capabilities

–          Run a lost phone hotline

–          Control third-party apps

–          Set unique firewall policies

–          Use intrusion prevention software

–          Keep an open mind about AV

–          Use Bluetooth carefully

Upon reflection of these ten practices, I think that there are a couple of interesting observations to be made.  First, several of these practices are very simple steps which can be taken by the user (turn on encryption, require authentication, use Bluetooth carefully).  If these are not used by the user, then it is almost only due to laziness.  This means that phones can be fairly secure with little to no effort and extra cost.

A second observation is that there will inevitably be a battle between security and freedom with mobile devices made for work.  Most people have a preference for which type of mobile device they would like to use.  However, it is in the best interest of an organization to mandate which type of mobile device that employees are allowed to use because maintaining one type of device rather than several is the easiest.  Additionally, organization will want to monitor the activity of the phone, and install AV software or firewalls which could hurt the device’s performance, which will also be not liked by users.

The use of mobile devices at my organization is still quite rare.  It is possible to like work email to phones, by to my knowledge that is the extent of the capabilities currently.  If email is linked to a phone, then it is required that several steps be taken to secure the phone, such as using a password.  I do not imagine mobile devices becoming very common or useful at my job in particular as it is mostly software development with little interaction with a customer.

References

[1] Chickowski, Ericka. 10 Mobile Security Best Practices. Baseline. Posted February 26, 2009. http://www.baselinemag.com/c/a/Mobile-and-Wireless/10-Mobile-Security-Best-Practices/

Advertisements

Comments»

No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: