Most companies let employees use their work devices to access personal information or let them use personal devices to access work information. With the rapid proliferation of mobile devices not slowing down, malware infections are on the rise, growing 163% in 2012. Just like the golden days of Netscape Navigator and those AOL discs in the mail, hackers are more than happy to take advantage of this vast new crop of unprotected devices.
But it’s not only hackers we need to guard against. We need to make sure other scenarios are covered, such as What happens when my phone is lost or stolen? Or, How do I prevent a data breach? And, How can I manage all this stuff? So with all this in mind, let’s go down the list:
Mobile Device ManagementI won’t get into which system is best; this is a growing sector with a wide spectrum of offerings. What I will say is to find a solution from a reputable vendor, with the features you are looking for, that allows you to effectively manage the devices used at your company. Some features to look for are support for ALL the platforms your employees use, remote locking and wiping, solid app management, connectivity controls (VPN, proxy, mobile data, wifi, etc), easy enrollment, robust security with document protection & encryption options, and integration with your PC management tools.
AuthenticationHow many of us just slide a finger to the right to unlock our devices? I’m betting more than half. Whether you choose a secure pattern, a pin or password, your fingerprint, or your face, make sure you are the only person who can get past your lock screen. This is the first line of defense when your phone ends up in someone else’s hands.
Remote Location & WipingThis is most likely a part of your Mobile Device Management solution, but there are plenty of good stand-alone apps that do a great job with this too. When an employee device is lost or stolen, swift action is a must. Sure, using GPS to track down a thief is enticing, but the main focus of IT should be to keep company data secure by locking and/or wiping. This means employees need a fast, easy way to alert IT of the situation, whether it’s a phone number, email address, or secure web page. For some organizations, it might make more sense to put employees in charge of handling the wipe. Whatever the procedure, have a plan in place that everyone can follow in a moment of panic.
Bluetooth & NFCTurn them off. Unless using a headset or sharing a photo with a friend, these tools are open doors into your devices. Both are hackable with the right tools, and can present real security risks. Viruses have been found that spread from phone to phone via Bluetooth. So, keep them disabled when not in use, and if your device supports hidden mode, use that too. Some guidelines on using Bluetooth wisely can be found here.
Firewall Policies for Mobile DevicesWhen devices travel around the city, or the country, they are exposed to all kinds of risks not present in the office. When these same devices return to the office and connect to the company network, they could cause trouble if infected. Setting up separate firewall policies for smartphones and tablets will help mitigate this risk. Most likely, these devices don’t need access to the same data or systems that PCs do, and so they should be blocked. Closing off as many holes as possible is the name of the game, so whitelisting only what’s needed is always better than blacklisting known dangers.
We’ve only skimmed the surface here, but the criteria covered above should serve as a solid starting point to develop a secured mobile workforce. As devices grow in diversity and capability, new variables will enter the equation. As always, keep yourself informed and keep employees informed to keep your company secure.