Our world is going increasingly mobile with many people bringing their own phones and tablets into the workplace. This trend is creating a security nightmare for IT people trying to protect their unsecure networks.
Business mobile security should be part of the discussions you are having within your company about protecting your network because your mobile devices could become your weakest security link.
Here are four things to do to ensure mobile devices don’t threaten your network security.
1. Mobile Devices Should Only Connect Through ActiveSync
In order to use ActiveSync technology, your email should be hosted either through on premise Exchange or Cloud-based Office 365. This allows you to set certain policies (detailed below) to increase security even if you don’t own the devices your staff are using.
2. Force Passwords on Any Device Connecting to Email
Any phone in your office that can access company email or other sensitive data should not be accessible unless you type in a 4-6 digit numeric password.
Imagine if one of your colleagues lost their phone in a cab or at a restaurant. If someone can pick up that phone and look at email on it, you have a huge security breach. A simple password will prevent this.
3. Enable Remote-Wipe of Email on Mobile Devices
ActiveSync will allow you to remotely wipe the email data off of a smartphone or tablet, even if it’s not a company-owned device. This is important in case a device is lost or stolen, or an employee leaves a company.
4. Set Mobile Device Policies Company-Wide
This is a more advanced option that we recommend once you have accomplished steps 1-3 above. Your computers have policies company-wide and the same thing should be implemented for mobile devices.
There is a growing industry of software companies making solutions for mobile device management. This includes tracking devices, limiting the types of applications that can be installed and how the mobile devices can be used. In sensitive industries like health care, this type of approach is important.
By taking these four steps you will be ahead of many small and medium-sized organizations out there who are either ignoring mobile phone security or struggling with the best practices to manage it.