devices have sensitive corporate data on them. Securing that data should be a high priority for any IT manager.
The article highlights several issues that are important to consider in setting a mobile device security policy:
- Authentication -- This has to do with password management. For example, how often a password must be changed or how many invalid tries are allowed before the device is disabled. How complex must the password be?
- Lost or stolen device -- A stolen device is clearly a security threat, whereas a lost device may be nothing more than a nuisance. The issue here, is: under what circumstances should remote destruction or disabling of the device occur.
- Backup and restore -- If a device could be lost or stolen, there should be a defined procedure for backing up and restoring the data to another device.
- Storage cards -- Storage cards are a convenient way to expand memory, but they're also portable and thus a security risk. Do you ban them? Or, encrypt them?
- Applications -- Users can work their way around restrictive policies by installing other application software. A good security policy needs to set limits on what users can install on their devices.
- Information transfer -- Any time data is transferred to or from the device, there's a potential for theft. To what extent, and under what circumstances, should wireless be allowed? How secure is the network?
Finally, the article lists a number of products that can be useful in establishing a comprehensive mobile security policy.
Read the full Geekzone article
Related stories: 
