Mobile Device Security: Mobile device, such as laptops, tablet computers, and Smartphones, provide security challenges above those of desktops workstations, servers, and such in that they leave the office and this increases the odds of their theft.
In 2010, AvMed Health Plans, a Florida-based company, had two laptops computer stolen. Together, over one million personal customer records were on those computers, and this is but one of many stories that happen on a regular basis.
Top 10 Mobile Devices Security
At a bare minimum, the following security measures should be in place on mobile devices.
Screen Lock The display should be configured to time our after a short period of inactivity and the screen locked with a password.
To be able to access the system again, the user must provide the password. After a certain number of attempts, the user should not be allowed to attempt any additional logons; this is called lockout.
Strong Password Passwords are always important, but even more so when you consider that the device could be stolen and in the possession of someone who has unlimited access and time to try various values.
Device Encryption Data should be encrypted on the device so that if it does fall into the wrong hands, it can’t be accessed in a usable form without the correct passwords.
We recommend that you use Trusted Platform Module (TPM).
Remote Wipe/Sanitation Many programs, such as Microsoft Exchange Server 2010 or Google apps, allow you to send a command to a phone that will remotely clear the data on that phone.
This process is known as remote wipe, and it is intended to be used if the phone is stolen or going to another user.
Voice Encryption Voice encryption can be used with mobile phones and similar devices to encrypt transmission.
This is intended to keep the conversation secure and works by the adding cryptography to the digitized conversations.
GPS Tracking Should a device be stole, GPS (Global Positioning System) tracking can be used to identify its location and allow authorities to find it.
Note that removable storage can circumvent GPS. For example, if a device has GPS tracking but it also has removable storage, a thief can simply remove the data they want to leave the device.
Application Control Application control is primarily concerned with controlling what applications are installed on the mobile device.
Most viruses that are found on Android phones stem from bad applications being installed. Related to application control is disabling unused services. If you do not need a service, turn it off.
Storage Segmentation By segmenting a mobile device’s storage you can keep work data separate from personal or operating system data.
You can even implement whole devices encryption or just encrypt the confidential data.
Asset Tracking You must have a method of asset tracking. It can be as simple as a serial number etched in the device or as complex as GPS locator.
Related to this is inventory control. A complete and accurate list of all devices is an integral part of mobile device management.
Device Access Control Device access control, in this context, refers to controlling who in the organization has a mobile device. Not every employee should have one. Limiting access to such devices reduces risk.
If you have any question regarding top 10 mobile devices security click here to ask.