Five Steps to Mobile Device Management and Security

As more employees bring smartphones and tablets to work, managing the devices, securing data, and fighting malware is critical.

First there were sewing-machine sized portable PCs, then laptops, the Newton, the Palm Pilot, and phones with built-in PDA functions. The iPhone led the way to the ubiquitous smartphone, and the iPad ushered in an era of tablets. Now wireless hotspots, printers, storage, and a variety of other devices are making their way onto your office network, possibly without the knowledge of managers.

These devices have the potential to compromise security, whether by introducing malware onto other devices on your network, or transporting company data outside the network. Fortunately, antivirus and encryption apps are available for all the major smartphone and tablet platforms, and most allow remote management.

1. Create Formal Policies for Mobile Devices

You can’t ask users to abide by a security policy if you don’t have one. It doesn’t have to be a long document that covers every possible contingency. A brief statement about protecting corporate assets will not only be easier to understand and remember, but easier to get buy-in on from users. Make clear that the rules aren'tt simply to make users' lives harder, but to protect the organization.

2. Create Your Own App Store

Create a list of the recommended or required applications--such as encryption software, an anti-virus client, and VPN software--for each mobile device or platform you’ll be supporting. You can create an internal website with links to the appropriate download sites. Help the users understand the easiest way to install and use these applications.

3. Control Wireless Access

Most wireless access points allow you to set up two or more networks, a trusted network for authorized devices, and a quest network for all others. You can maintain a list of authorized devices, and all others will only be able to connect to a guest network that gives Internet access but not access to the company network.

To ensure that devices can’t circumvent security while connected to a PC or other device, you can run a management server that can control access to USB ports, lock down synchronization applications such as ActiveSync or iTunes, and control which files can be transferred to a mobile device or portable storage.

4. Consider Network Access Control

Network Access Control (NAC) systems monitor the network and check any device that tries to connect for specific parameters, such as an up-to-date anti-virus client, patch levels, particular applications such as encryption or VPN apps, and settings such as ensuring that passwords are properly complex. NAC systems help secure the network by ensuring that devices that are insecure or may have malware loaded, or that don’t properly encrypt data, cannot connect to the network.

5. Create a Policy Server

Each of the major operating systems, such as Android and iOS, can be used with a policy and management server such as System Center Configuration Manager or SELinux Policy Server. These servers allow you to access mobile devices remotely, wipe them if they are stolen, install necessary applications anti-virus clients, load patches to the OS or applications, and ensure that any data copied to the device is properly encrypted.

Join the CSO newsletter!

Error: Please check your email address.

Tags online securityPalmtablet PCsecuritymobile securitywireless securityBusiness Center

More about etworkLinuxPalm

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Logan G. Harbaugh

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place