Successful Mobile Security Strategies

Updated: August 20, 2012

Issue

As laptops, smartphones, media players and USB storage devices proliferate, business owners and managers are finding themselves fighting a security war that involves multiple fronts and moving targets. Lost and stolen devices, leaky wireless links, sneaky employees and malware outbreaks are among the threats facing businesses with roaming employees.

Technology research firm Forrester warns that only 9 percent of companies use mobile-management tools. Others make do with written or informal management methods. In any event, mobile-device security is a challenge that can be met and managed through a combination of knowledge and strategic practices. Here's a look at the leading mobile security threats and how they can be effectively addressed.

 

Analysis

Mobile devices: Any laptop, smartphone or other mobile device containing sensitive business data must be locked down with encryption software. Tools are available from numerous vendors, including PGP Corp, TrueCrypt Foundation, Data Encryption Systems, SJ NAMO and T3 US.

Mobile devices also need to be "hardened" to prevent users from modifying settings and disabling security technologies when out in the field. If you don't know how to do this, find a security expert who can help you make your units tamperproof.

Stolen or lost laptops can be tracked down with the help of a service that specializes in such activities. CompuTrace, a service operated by Absolute Software, automatically tracks missing systems. As soon as someone in possession of a laptop that has been reported stolen or lost signs on to the Internet, CompuTrace activates and notifies the police. In the event the thief doesn't use the laptop to log on to the Internet or it can't be located by the authorities, laptop data is still safeguarded by encryption.

Wi-Fi devices: To ensure wireless security, all mobile Wi-Fi devices must include some type of wireless-security technology. The initial wireless network security standard — WEP (Wired Equivalent Privacy) — was an easy-to-crack technology. But more recent specifications, such as WPA (Wi-Fi Protected Access), WPA2 and IEEE 802.11i, are powerful security tools.

Bluetooth-enabled gadgets: Wireless attackers can take advantage of Bluetooth connections to access or download information onto a device. To avoid unauthorized access, instruct users to disable Bluetooth whenever they are not using it.

Camera phones: Camera phones are a potential danger that is often overlooked. The devices can be used to photograph business secrets. Employees have also been known to use camera phones to snap photos of fellow workers in embarrassing or compromising situations. The laughter quickly subsides, however, when an offended worker files a harassment lawsuit.

Media players/USB storage devices: Several different kinds of consumer gadgets can pose significant security threats to any business. Media players, for example, can be used to store files other than songs and videos — such as top-secret reports and proprietary customer lists. Portable USB drives and memory sticks present a similar menace. The devices are small enough to fit inside of a pocket, yet they have enough capacity to store vast amounts of business information. This is why a growing number of businesses are sealing up or removing USB ports on employee workstations, as well as creating strict acceptable-use guidelines for portable storage devices.


Next Steps

Effectively managing mobile-device security requires a strategy that will safeguard enterprise data while giving employees the flexibility to use emerging technologies in new and productive ways. Here's what your company's plan needs to include:

  • A formal device-management strategy
  • Use of laptop encryption and a wireless encryption protocol
  • A mobile-device usage policy that tells employees which devices and practices are permitted and prohibited
  • A mobile-oriented security solution — server-based software installed inside the firewall that will secure email and other vulnerable services
  • End user involvement and insight