Mobile Device Security
These gains come with additional risks, however. Every organization must identify the risks associated with mobile devices stemming from human factors to technology and architecture issues.
To benefit from the operational efficiencies gained from mobile device usage, organizations should implement controls to mitigate any associated risk.
Several areas should be reviewed to know how to best manage, control and secure mobile devices:
Mobile or BYOD Corporate Policy
A security policy should exist for mobile devices and should include procedures / rules for appropriate physical and logical handling, as well as controls pertaining to their secure usage to protect sensitive/protected data.
Mobile Software and Tools
Mobile devices should be safeguarded against malicious code through regularly scanning applications, programs and data. Antivirus software needs to be kept current.
Whether in transit (data in motion) or static (data at rest) all sensitive data should be encrypted for proper protection.
Secure Mobile Transmission
The mobile device user should connect to the corporate network via a secure connection, and sensitive information should be sufficiently protected.
Mobile Device Management
There should be an asset management process in place for tracking mobile devices. It should include incident response procedures for lost/stolen devices and a process for terminated employees.
Mobile Access Control
Role based access control (RBAC) must be implemented and systems configurations must include limiting access to sensitive data, especially by individuals utilizing mobile devices, and accessing shared files or network drives that contain data prohibited for mobile use.
Mobile, BYOD, and Security Awareness Training
Ongoing awareness training should be in place to address physical and logical security of mobile devices, corporate policy, applicable regulatory requirements, etc. and should include identifying types of information being stored on mobile devices.
How Loricca Can Help
Our experienced team will work with you to assess and ensure the security and protection of your mobile devices as well as the data and systems accessed by mobile devices. Loricca is here to help you identify and manage all of your compliance and information security needs.
Please contact us today to learn more about taking advantage of the productivity gains while avoiding the risks that mobile access can bring.