Mobile Security Best Practices

Posted by Jim Van on August 19, 2011 under data security, eOffice, mobility, portability, security, small business | 2 Comments to Read

We continue our focus on security with this week’s post: Mobile Security.

With the explosion of mobile devices, particularly smartphone and tablets, there’s been an explosion of potential data exposure. So what’s a person to do?

Of course, the best practice is not to store sensitive data on mobile devices in the first place. Instead, keep data on servers, either inside company firewall, or on a secure cloud-based server. Restrict access to authorized users in a view-only mode, where the data cannot be downloaded nor copied.

Not only does this policy protect data accessed by mobile devices, but also by workstations in the office as well. In this fashion, users can access and even work on data from almost anywhere there is an internet connection, while keeping the data protected, either behind a company firewall or on a secure cloud server.

There IS however, one data source that almost always resides on the mobile device that can be classified as sensitive: call lists. For example, perhaps your employees have names, numbers and information about clients on their smartphone. That data should be comapany confidential, as it is, after all, the lifeblood of any business (its customer base). How does one protect that?

There are a couple of different approaches:

  1. Use a hosted phone provider to place calls from all phones. Store the client data on the hosted phone server, which provides smartphone and tablet users with client information from the server, and does not reside on the portable device.
  2. Use an anti-theft software application, which can destroy data on a portable device at the click of a moouse. In this fashion, if the device is ever lost or stolen, the data can be destroyed before being accessed by unauthorized users.
  3. Make sure each device has a password lock. It’s far more difficult to access the data on a mobile device when it is locked and requires a password to unlock it. Most devices offer this for free.

Additionally, virtually every security software manufacturer, such as McAfee, Trend, Symantec, Kaspersky and the like, offers modules that cover mobile devices. These are generally low-cost and worth the investment over the 12-month subscription.

Yet another threat is the use by employees of their personal devices to access company data. There should be a strict rule that those who choose to use their personal devices to access and user company data are required to use company security policies as though the device is a company device. Best practice, though, is for them to have a company-owned device. Keeping personal devices off the network, if possible, will cut security risks to the company network by 40% or better.

Share

  • Noreen said,

    My question is: when you say ‘hosted phone provider’, does that mean someone different than my cell phone carrier (AT&T)?

    The other question: I’m probably getting an iPad over the next month or two. Am I ok in getting a Wi-Fi only model, or should I choose a cellular mode? And should I get a larger storage model, like a 32 or even a 64-bit model?

    If you have a lot of knowledge about iPads, that would be a welcome post here.

  • Jim Van said,

    Noreen: thanks for both your posts…I’m glad you’re doing well on your own, and hope the momentum continues:)

    Answering a couple of questions you posed:

    1. Hosted phone provider – many small organizations are using hosted systems to handle both inbound and outbound calls. Phone.com is a great example, but there are many others. Specifically, when using a Wi-Fi-type phone (as opposed to cellular), it’s always better to use a hosted provider, such as Phone.com, rather than a more public type provider, such as Skype, Google, Yahoo and the like because of the risk of having your conversations intercepted. Using your cell carrier is fine, tho more costly….
    2. You’re a step ahead of me, as in late Oct, I plan on a series of posts regarding the iPad and tablets in general. They’re quickly taking the place of bulkier laptops for many, as a large majority of tasks can be performed on them vs. a bulkier laptop. To answer the second half of your question, personally, I use a Wi-Fi-only model, and have 32gb of storage because I tend to store a few presentations and images that I use when on the road. According to the folks at my local Apple store, 64gb is overkill, unless you store a lot of art images on your pad. Wi-Fi is so ubiquitous these days, that it’s rare I’m somewhere that I’d need cell coverage for what I do with my iPad. That’s an issue you need to think about, but I think if you’re like most people, you’ll do fine without it.

    Again, we’ll be getting more in-depth late October/early November with iPad/tablet discussions.

Add A Comment

home top