Mobile Device Security Policy Updating - dummies

Mobile Device Security Policy Updating

By Rich Campagna, Subbu Iyer, Ashwin Krishnan, Mark Bauhaus

To keep up with the current mobile device security environment, you need to update your enterprise’s mobility policies as well as think about supporting more than one device platform. Here are some of the areas in which to consider modifying your current mobility policy and ways that you can do it:

  • Current policy: You have a single-device policy; only one device is corporate-approved.

    Solution: Evolve to a multiplatform and multivendor policy, allowing devices of various platforms to access your corporate data. Allow more employee choice, while at the same time protecting your network. Explore mobile device management (MDM) solutions that support multiple mobile platforms, including Apple iOS, Google Android, Windows Mobile, Nokia Symbian, and BlackBerry.

  • Current policy: Your IT department manually downloads software to each mobile device, thereby increasing the deployment costs of pushing software to mobile devices.

    Solution: Explore solutions that allow the user to download software, such as the VPN application, from an app store without needing IT to intervene.

  • Current policy: You deploy endpoint security only for Windows.

    Solution: This is no longer a sufficient security solution. Look for solutions that can protect mobile devices from malware, viruses, and other threats.

  • Current policy: You have application policies in place only for Windows.

    Solution: Most enterprises have systems in place that can deploy applications to Windows PCs. You need to scale (adapt) this ability to mobile devices as well, to manage and control the apps that are installed on them. Explore solutions that give the ability to restrict apps on mobile devices to a list that you can manage.

  • Current policy: You have no loss and theft-prevention policy for mobile devices.

    Solution: Mobile users are vulnerable to losing valuable data on mobile devices when those devices are lost or stolen. Many enterprises lack the policies to mitigate the risk of losing sensitive data on such devices. Look for solutions that allow you to take immediate preventive action on lost or stolen devices.