Slideshow 9 Enterprise Mobile Security Essentials

  • February 01 2012, 6:43pm EST

Enforce Strong Security

While this may seem obvious, it’s also a basic foundation for more advance security. Require alphanumeric passcodes and encryption, and limit failed attempts. Also, consider master data management systems for provisioning and management, with the recognition that device data security may not be significantly enhanced by the MDM software.

Reduce Stored Data

Put a limit of a few days on email storage and restrict attachment downloads. More importantly, provide mobile access only to employees who actually need it, making sure those employees are made aware to keep highly sensitive data off email accessed through mobile devices.

Content Continues Below

Implement Clear, Strong Guidelines

Acceptable use and legal protections should be implemented in enterprise-owned devices. For bring-your-own-devices, policies should be set to acquire, audit and investigate those devices. Back up of corporate data on personal computers or the cloud from BYOD should be prohibited.

Harness More Secure Devices

ISACA members suggests limiting use to recent version of iOS and Android, as other devices such as iPhone 3G and the original Motorola Droid enable full access to device data. Fewer platforms with stronger security protocols will reduce exposure to risk.

Audit and Evolve

Continually audit mobile device security by selectively choosing those in use, and keep up on user education and training.

Content Continues Below

Message Securely

Custom-encrypted containers for messaging on a user device, such as an enterprise “sandbox,” can only be used with an additional passcode. While this can restrict usability for some, the extra passcode layer makes recovery of corporate data more difficult.

Set Up ‘Secure Delete’

Wipe unallocated space on the device on a regular schedule to cut down on the amount of data that could be recovered. Although this might reduce the lifespan of the device, it’s unlikely to make a negative impact during the useful life of the device, ISACA reports.

Manage Wi-Fi Connectivity

Wi-Fi may be convenient, but it also introduces security risks by adding a network between the mobile user and the enterprise data. MDM or platform software can be put in place to restrict access points that mitigate network security risks, though it can slow download speeds.

Content Continues Below

Evaluate Solutions

Increasingly, there are sophisticated mobile security solutions for enterprise devices. Often running at the kernel level, these solutions enable more control and auditing capabilities for specific devices and enterprise data and solutions.

9 Enterprise Mobile Security Essentials

For more on these recommendations from ISACA, click here. For the full report, from Ted J. Eull of member vendor viaForensics, click here. All images were used with permission from ThinkStock.