I bought in my iPad can I use it for work?

3D Small People - Flight On PhoneMobile devices are invading our homes, workspace, businesses and organisations.   They are being demanded by workers, Y gen users and teenagers.   Management are always in the situation of trying to catch up with their use and fold them into their business model.

One of the major problems with mobile devices is the how do you secure them and what needs to be secured on the device.    Mobile defence and security consists of 3 areas – the device itself, the data, apps and access to information and the rest of the network.

Here are some ideas for making sure that mobile devices are as secure as possible.

The device – what happens if the device is lost or stolen?    Without a good security strategy it would not matter if the device is issued by the company or it is personal there will be incriminating and business critical information available on the device.   Passwords and encryption is widely used to restrict access to mobile devices, even home users can use
“mobileme” to find their iPhone / iPad or set it up that after 5 failed attempts at access it wipes the device and can only be reactivated by talking to the provider with the account holders information.   There are even better applications available at a business and corporate level.

In the business world it depends on whether you only allow access to the business through business supplied devices or it is open slather you still need to have some level of control.
If you control the device then you can wipe the device if it is lost, stolen or misplaced without any repercussions.   You also need to ensure that all devices have some level of backup and
recovery feature to ensure that important business data is not lost.   If the business doesn’t own the device then you also need to ensure that control over the system allows for the remote
removal of information deemed business critical.

The data, apps and access information that is on a device can be business critical.   Specific apps developed for the business may have critical implications if accessed by unauthorised people on a stolen device.  Some applications also deliver and retain business data on the device itself.   Finally all of those web sites or applications that have access to personal information – banking software, linked in, Facebook, what happens if that information is compromised.   As a safety system never allow the device to save your password, yes I know it is so convenient to have that one click access but!

The use of mobile devices is also compliant on the main business security strategy.   They should always comply with traditional defences like firewalls, encryption and secure passwords and should not be used as a bypass for information access on the business network.   If possible wireless access to information through a device should be done through separate network
access and VPN’s thus adding additional levels of protection and security.

How you protect your information is compliant on your business security strategy.   If you want your people to bring in their own devices or you are going to supply them then
that is your decision but it needs to fit in with your business direction and requirements.    If you have staff that constantly loose or misplace equipment I would seriously think about making the systems as secure as possible.

Posted in IT Security and tagged , , , , , , .