siliconindia logo
CIO City >>  Expert  >>  

Raghubir Singh

"Mobile devices are playing an everincreasing role in changing the way people live, work and communicate"
 

Mobile Devices To Minimize Threat, Loss And Risk

As the world becomes more interconnected, integrated and intelligent, mobile devices are playing an ever-increasing role in changing the way people live, work and communicate. But it is not just happening in personal life: Smartphones and tablets are also being rapidly adopted by enterprises as new work tools, joining existing laptops and desktops.

Mobility brings both advantages and risks to the enterprise. It:
- increase employees’ productivity,
- client response and
- reduce IT cost
 but on other side

- Risk of corporate data theft, as mobile devices are prone to theft or loss due to their smaller size and portability.

- Mobile devices are always on and connected, so vulnerability to malicious attacks increases through different communication channels

Security on mobile devices is top concern for IT executives as many mobile platforms are not natively designed to provide comprehensive security. The most frequently seen mobile device security threats are

- Loss and theft
- Malware
- Spam
- Phishing
- Bluetooth and Wi-Fi

No matter what the threats are, the targets that hackers try to access and exploit typically consist of one or several of the following:
- Credentials to access business or personal accounts
- Confidential business or personal information
- Phone or data communication services
- The mobile device itself

Creating a stringent strategy that defines guidelines and policies helps lay the foundation for a more security-rich mobile environment. This strategy should focus on several key areas as below:

- What, When and How- Data and resources should be accessible from mobile devices,
- What all platform we should support,
- What will be management methodology,
- How it will be managed and
- What are the Industry best practices.

A number of mobile security policies and best-practice procedures need to be put in place and should also be identified in the company’s mobile security strategic plan. Some of the best practices that have been exercised for desktops and laptops can be duplicated for mobile devices, such as:
-Specification of roles and responsibilities in managing and securing the devices
- Registration and inventory of mobile devices
- Efficient installation and configuration of security applications on devices
- Automatic update of security patches, polices and settings
- Reporting of security policy enforcement status
- Employee education on securing mobile devices

In Nutshell, in mobile security there is no single security solution that gives a complete protection. Just extending the existing security infrastructure for mobile devices simply isn't sufficient; however it can be part of complete framework. Enterprises must treat mobile security as an independent task, and mobile-usage specific security policies must be created and implemented.