Advertisement
Promo
Mobile Security

Top tips for improving mobile security

Cath Everett ZDNet.co.uk

Published: 30 Oct 2007 17:43 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

...it could also be worth considering two-factor authentication, which includes digital certificates and biometrics, remote monitoring and data-wiping offerings.

5. Don't be shy about using the built-in security features of mobile devices themselves
One idea is to encourage users to lock up their devices when they're not using them. If you can, get them to create a password to lock up the SIM card on their mobile phones, for example, or to turn off services such as Bluetooth and Wi-Fi if they don't need them just at that moment. Also ensure that software, such as antivirus programs, is kept up-to-date and, if such software doesn't come as part of the package, then add it yourself.

6. To do this successfully, however, will entail standardising on one or more company-owned devices, rather than allowing an explosion of uncontrolled consumer gadgets to occur
More than a third of respondents in Rhetorik's survey said that they had banned the use of consumer devices, but a huge 51 percent said they routinely employ a mix of personal and company-owned gadgets, while about eight percent use only their own handhelds.

While the use of consumer devices may appear to be a cheap way of doing things on the surface, it does generate problems — and hidden costs aplenty.

Firstly, it makes it more likely that IT managers will be unaware of exactly what technology is in use in their organisations, making it more difficult to take appropriate action.

Secondly, failing to standardise means that you can end up with a wide range of devices knocking about that are difficult and time-consuming to configure, secure, support and manage because they don't belong to the company but to individuals, which makes them more difficult to control centrally.

Thirdly, because gadgets are getting smaller and more sophisticated, it's increasingly difficult to know who is carrying what around in their pockets. The problem here is that, because these devices are essentially fancy storage devices, disgruntled individuals can use them to steal information. They can also act as a reservoir for viruses and worms and, therefore, pose the risk that they may infect the corporate network if they're left to run unchecked.

The aim is to find a balance: you're happy that you've done what you can and they're happy because they don't need a 10-page manual just to try and start up their handheld

Finally, consumer devices, unlike their enterprise cousins, rarely have much security functionality built in, beyond notoriously insecure password protection which most users decline to activate anyway, because this would add to their price tag. This means that, if they are lost or stolen, sensitive corporate data, including emails, may all too easily become prey to prying eyes.

7. Always be careful to balance security issues against usability considerations
This one's tricky. While, by instinct, IT managers would prefer to lock down everything that moves to save it from harm, in practice, the reason that users are so keen on mobile technology in the first place is that it's convenient, flexible and helps them to do their jobs better — important considerations that shouldn't be overlooked, not least because, if you don't get it right, they're likely to simply ignore you or introduce workarounds.

So your best bet is to talk to people, find out what their requirements are and weigh them up against the risks. The aim is to find a balance so that everyone gets the best of both worlds: you're happy that you've done what you can and they're happy because they don't need a 10-page manual just to try and start up their handheld.

8. And last, but by no means least, don't forget the dangers of wireless networks
The problem with wireless networks, whether they're inside or outside the enterprise, is that they're inherently insecure. While the situation is somewhat better than it used to be, even in-house you have to be meticulous about adding extra security protection or even limiting usage to segregated visitor areas.

Outside in the big wide world, however, where mobile workers may well be using hideously insecure hotspots in cafes or airports, much danger awaits. And, in this scenario, it is simply imperative that devices are protected by everything that can be mustered, from firewalls and antivirus software to intrusion-detection systems. SSL VPNs are just as imperative in their own way for securing remote communications, and network access should strictly be prohibited without one.

Are there are any other tips you can think of in terms of how to go about securing mobile devices effectively? If so, post a comment at the bottom of the page and let us know.

Next

Previous

1 2


  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON
Mobile Security

Did you find this article useful?


In association with Network Liberation Movement

Talkback

Post a comment


Full Talkback thread

3 comments

  1. VPNs for mobile devices mattloney ZD
  2. Mobile VPN NetMotion
  3. Enterprise mobility = laptops, PDAs and... NetMotion_Wireless

Related Links

More in this Special Report

Mobile security: Flexibility vs control

Mobile security: Flexibility vs control

Orange's Michael Lawrence discusses the opportunities and threats created by the proliferation of types of mobile device and application now available to businesses more

The realities of mobile security

The realities of mobile security

Research by ZDNet.co.uk and Rhetorik Market Intelligence has revealed that companies are not taking the security of mobile devices as seriously as they could more

Research: The lowdown on mobile security

Research: The lowdown on mobile security

Research conducted by Rhetorik Market Intelligence and ZDNet.co.uk has revealed that companies are being left behind when it comes securing mobile devices more

The dangers of taking consumer tech to work

The dangers of taking consumer tech to work

From iPhones to Facebook, consumer technologies are increasingly being used inside supposedly locked-down businesses, posing real security risks more

Keeping tabs on mobile security

Keeping tabs on mobile security

Rick Paskins, managing director of Rhetorik Market Intelligence, discusses the results of research carried out by his organisation on behalf of ZDNet.co.uk into UK businesses' attitudes towards the security of mobile devices more

Top tips for improving mobile security

Top tips for improving mobile security

While mobile devices may be a dream tool for staff, they can be a security nightmare for IT management more

BT launches secure mail services

BT launches secure mail services

The company has started two messaging security services, BT Secure Mail and Encrypted Message Exchange more

Symantec to acquire data-security company

Symantec to acquire data-security company

The security giant is to purchase Vontu, which aims to help businesses from losing their data to outsiders, for £168m more

Gphone vs iPhone: The security debate

Gphone vs iPhone: The security debate

Google's recent announcement of Android has sparked a debate over whether the mobile Linux platform will prove more secure than Apple's proprietary iPhone more


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters