Mobile Security 101: An Executive Guide to Mobile Security

Critical enterprise information is leaking onto mobile devices whose risk of loss or theft is much higher than it is for PCs at the office.

Who is responsible for device security?

Ultimately, the CEO is responsible for the loss of secret information, such as competitive data, trade secrets or customer information. In practice, the buck stops with the CSO or CIO, depending on your organisational chart. Meanwhile, network administrators, client management leads, department heads and individual users share implementation responsibility. The CSO or CIO should set the policies as to what data may be stored on mobile devices, what level of protection is required for different types of data, and what access to internal systems various mobile devices may have. Often, these policies are part of the overall data management and access management policies that cover desktop users and remote users.

The network administrator and IT chief responsible for client management typically choose the tools to ensure that password, VPN, access control and malware-protection requirements are met. They may also determine which types of mobile devices are authorised for use with company data and services, based on the level of security they can enforce on the various devices. Business managers and users are responsible for following these policies, and for not trying to work around the policies by using personal devices with forbidden company data and services — an easy temptation when you already have a PDA, iPod, smart phone or USB drive and see no harm in using it for work purposes.

What security do mobile devices need?

Some mobile devices — particularly laptops — have a clear set of risks, since they are portable computers that can store valuable data and include applications that access your network and enterprise resources. A stolen laptop can be a treasure trove of critical data as well as an easy conduit into your enterprise’s systems. But other devices — PDAs, smart phones, iPods and USB “thumb drives,” for example — that seem innocuous can also expose your company’s data or provide outsiders access to your systems if not properly secured.

Some of these security threats are handled at the network level — such as requiring the use of authentication and VPNs for remote access into corporate systems — for PCs, laptops and handhelds alike. Some of these security threats are part of your client management tools, such as password policy enforcement and malware detection. But mobile devices typically need extra protection of the data they store, in the form of encryption, so a lost or stolen device can’t become a treasure trove for data thieves. (And most states require that companies report any loss of unencrypted data involving consumers’ private information, a disclosure that is not only costly to execute but even more expensive in terms of lost trust.) In some cases, mobile devices may need extra protection such as the use of hardware-based authentication tokens so a thief can’t access your enterprise network even if he discovers the user’s password.

Join the PC World newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags smartphonenotebookspdalaptop securitymobilityexec series 101mobile securitysecurty

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Armand Abogado

HP OfficeJet 250 Mobile Printer

Wireless printing from my iPhone was also a handy feature, the whole experience was quick and seamless with no setup requirements - accessed through the default iOS printing menu options.

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?