Mobile device support

Mobile devices have been around in one form or another for many years, but only recently have they gained mainstream acceptance in enterprise environments. For IT pros, it’s important to understand the unique challenges associated with managing these devices. In this article, I will give you 10 things to think about.

1: Remember the importance of device consistency
It is usually impossible to issue each user exactly the same type of mobile device. Even if every user starts off with the same device, manufacturers phase out device models quickly and you may find that the devices that you initially purchased are no longer available when you need to buy a few more.

In spite of this, you should try to limit the number of models used in your organization. The greater the variety of devices being used, the more difficult it will be for your helpdesk to provide adequate support for the devices.

2: Use fully provisionable devices
Microsoft offers a few server products (Exchange Server 2007, Exchange Server 2010, and System Center Mobile Device Manager) that can apply various security policies to mobile devices. But because there’s no universal standard for mobile devices, those server products can manage only certain mobile operating systems. Since only fully provisionable devices can be completely managed, I recommend that you stick to using just those devices.

3: Make sure that users are aware of mobile device policies
There is a lot of potential for abuse when it comes to mobile devices. For instance, I recently heard of a woman using her company-issued mobile device to call her sister in Korea. I can only imagine the resulting phone bill. Unless you want to risk astronomical wireless bills, you must create an acceptable use policy for company issued mobile devices.

4: Take security seriously
Since mobile devices were first introduced, many IT professionals have ignored mobile device security issues. In a way, I can see why. Until recently, mobile devices lacked the software and the processing power to be much of a threat. Today though, mobile devices can run a rich set of applications and can store several gigabytes of data internally. As a result, it is essential that you take mobile device security seriously.

5: Decide whether to allow personal devices
If it hasn’t happened already, it’s only a matter of time before an employee asks you to set up his or her iPhone to receive corporate email. Make sure you create a policy regarding whether you will allow personal mobile devices to interact with corporate resources. My advice is that you should only allow the use of company issued devices, because your organization lacks the authority to properly secure and regulate devices it doesn’t own.

8:17 AM | 0 komentar | Read More

Security best practices for smartphone policies

Security best practices for smartphone policies
Smartphone security in the business environment requires a two-pronged approach: protect the phones from being compromised and protect the company network from being compromised by the compromised phones. Here are some security best practices that you can incorporate into your smartphone policies.

1. 1. Require users to enable PIN/password protection on their phones.
2. 2. Require users to use the strongest PINs/passwords on their phones.
3. 3. Require users to encrypt data stored on their phones.
4. 4. Require users to install mobile security software on their phones to protect against viruses and malware.
5. 5. Educate users to turn off the applications that aren’t needed. This will not only reduce the attack surface, it will also increase battery life.
6. 6. Have users turn off Bluetooth, Wi-Fi, and GPS when not specifically in use.
7. 7. Have users connect to the corporate network through an SSL VPN.
8. 8. Consider deploying smartphone security, monitoring, and management software such as that offered by Juniper Networks for Windows Mobile, Symbian, iPhone, Android, and BlackBerry.
9. 9. Some smartphones can be configured to use your rights management system to prevent unauthorized persons from viewing data or to prevent authorized users from copying or forwarding it.
10. 10. Carefully consider a risk/benefits analysis when making the decision to allow employee-owned smartphones to connect to the corporate network.

8:15 AM | 0 komentar | Read More

Smartphone enterprise security risks

If your organization allows users to connect their smartphones to the corporate network, read about potential security risks, and learn best practices for your company’s smartphone policies.

If your organization allows users to connect their smartphones to the company network, you need to consider the following potential security risks and then develop policies for addressing those issues. I also list 10 security best practices for your company’s smartphone policies.

Potential smartphone security risks

Lack of security software
Smartphones can be infected by malware delivered across the Internet connection, or from an infected PC when the phone is connected to the PC over USB to sync data. It’s even possible to infect the phone via a Bluetooth connection. It’s a good idea to require that those users who connect their smartphones to your network install security software on the devices.

Mobile security software is available for all of the major smartphone platforms. Some of the most popular mobile security suites include Kaspersky Mobile Security, Trend Micro Mobile Security, F-Secure Mobile Security, and Norton’s mobile security products.

8:13 AM | 0 komentar | Read More