In 2013, there will be more threats to mobile devices than ever, including company data leakage, mobile-based viruses, and more. Malware and spyware can target mobile devices with little difficulty, and paired with the “bring your own device” phenomenon, companies are often left as sitting ducks to attacks.
IT managers need to address mobile security firsthand as threats become increasingly imminent. Before any company data can be protected from malware or spyware or dangerous hack attempts, organizations should draft rules, regulations and a disaster recovery plan for employees, giving the company more control over work devices and solutions should a security breach occur. Here are a few reasons, as identified by Dave Wilkeson, chief technology officer, DRS, LLC, why mobile security will be more important in 2013 than ever before and a few tips companies can use to address it.
Click through for six reasons mobile security should top your company’s priority list in 2013, as identified by Dave Wilkeson, chief technology officer, DRS, LLC.
Every company employee probably has at least one mobile device. Chances are that the minute an employee walks into the office, their device is connected to the network. If the device has a virus or malware, it can infect your network or give outsiders access to your data.
It can be difficult to identify mobile risks and ways to address risks without an effective security strategy. By establishing a concrete security plan, a company can chart a course to mobile security. Often, the very first step that needs to be taken is simply educating employees on the risks of mobile use and ways to mitigate those risks. Something as simple as making all devices connected to your network have an unlock pin can make a big security difference in the long run.
It can be difficult to identify every network-connected device without an up-to-date wireless infrastructure. This technology makes it easy to block devices from connecting and require more than just one general Web key to connect. Enhanced authentication processes requiring additional forms of identification can be enforced so individual people can be allowed or denied access, and mobile devices can be associated with specific users.
In the age of virtualization and the cloud, devices are probably linked to a cloud application like Apple iCloud. This means that any data put on that device for work may also end up on iCloud, outside the control of the user or company. One way to combat this is to put enterprise applications on a cloud that can be directly accessed from employee devices.
Mobile device management (MDM) is expensive, but another technology your IT department must handle even with limited bandwidth. Whether you implement an MDM program internally or outsource it, a large portion of data and network threats may be alleviated. MDM programs are a great asset because they have services such as tracking, which can locate mobile devices if they are stolen or lost, and sandboxing, so work and personal applications can be separated on the same device. In addition, remote wipe capabilities remove applications like email in the event that an employee leaves a company and could potentially be a security threat.
Establishing a new mobile security plan brings legal issues into play. Devices are usually personal property, which brings into play a number of complexities not seen with other corporate property. Tracking devices after hours or on breaks, remote wiping a mobile device containing personal photos, and asking an employee to respond to emails or texts outside of their normal work hours all bring up complex legal and contractual issues that must be addressed.