Every smartphone or PDA employees have is a potential entry point into the network, or an unsecured node from which corporate information may leak.
Stolen smartphones and PDAs, viruses and lack of security on the devices themselves all pose a threat. Due to their very nature they`re easier to lose or steal, they`re affordable so employees buy their own devices and bring them into the corporate environment, and the devices are constantly changing, making device management difficult.
The problem, according to Gartner, is that "no single security product or procedure can provide full protection or address all issues of mobile security". What can help, Gartner says, is a set of practices and tools that complement each other.
According to a Gartner report entitled "How to ensure PDAs and smartphones don`t compromise business security, 2006", companies need to consider the following:
* Establish clear policies regarding the use of privately-owned mobile devices.
* Know your mobile device-installed base.
* Ensure storage security by implementing data encryption for all stored data on PDAs and smartphones.
* Establish security practices that ensure strong user and device authentication for data access.
* Adopt a business standard for e-mail gateway and synchronisation software.
* Set up procedures for frequent backup.
* Consider employing tools for centralised management.
* Shut down, limit and set up firewalls for networking services that are not needed or should not run at default permissions.
* Train users.
Gartner says businesses need to establish strong policies that can be implemented with continuity in all situations. "No single security product or procedure can provide full protection or address all issues of mobile security. Only a set of practices that complement each other will provide a more comprehensive approach to security. To anticipate and minimise vulnerabilities, businesses need to prioritise practices that keep the hand-held environment under control and protect the data stored and moved in and out of the enterprise network."
Source: "How to ensure PDAs and smartphones don`t compromise business security, 2006", courtesy of Gartner Africa.
Share