The Importance of Mobile Policies Grows

Carl Weinschenk
Slide Show

Five Warning Signs Your Security Policy Is Lacking

Warning signs of a weak security policy from SunGard Availability Services

The fast-paced growth of mobility and its impact on corporate security is one of the key topics with which the business community is dealing. A study by Symantec finds something interesting and important: The actions of automated security tools-and, presumably, the things that folks are doing to trigger them-are different when they are in the office or on the road.

 

The vendor's MessageLabs Intelligence Report found that websites are blocked by the company's products 35 percent more often when people are outside the office. The study found that download blocks are five times more likely from mobile workers, and that shopping, search engine, personals and dating site prohibitions were more likely to be enforced. That means that people are trying to get to these sites more often. It is interesting that attempts to reach pornographic sites were more likely when the user was in the office than on the road.

 

The report implicitly points to the importance of effective mobile security policies. Indeed, policies affect a number of mobile security areas discussed by Brien Posey at TechRepublic. Posey, in a post this week outlining 10 things to consider about mobile device support, suggested that it is very important that employees are informed about policies.

 


Indeed, one possible policy is simply not allowing personal mobile devices, though Posey is against that approach. If allowed, the policy must state precisely what limitations are in place on access to valuable corporate assets. The post also suggests policies for devices that go missing.

 

The complexity of safely using mobile devices is evident in information, some of which was updated last week, from Northwestern University. This document offers a general orientation on how mobile devices should be handled. To some extent, it kicks the can down the road:

 

The rapid development and subsequent deployment of these devices precludes specific instructions so this document will provide general recommendations. It is your responsibility to consult the manual for your specific device in order to enable the specific features available on your device.
The document does link to a number of others. They seem to cover the gamut-they are on security policies, network policies, hardware policies, software polities, residential network policies and e-mail policies.

 

The twin keys are to establish a policy and to make sure it is understood, wrote Mark Lobel, a project leader with ISACA, an organization promotes good IT practices, and a principal at PricewaterhouseCoopers.

 

Creating a transparent, understandable and executable mobile security policy is the best way to protect intellectual property and sustain competitive advantage. Embrace, but educate. Don't wait for a major data breach- make sure your IT department has a governance model that will make your mobile device a workhorse-not a Trojan horse.

 

None of this is particularly new. But it is vitally important that organizations recognize the importance of creating mobile use policies and ensuring that employees know of their existence, as well as their content.



Add Comment      Leave a comment on this blog post

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

null
null

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.