The UK’s Communications-Electronics Security Group (CESG) recently released guidelines for planning a secure mobile environment. Many of these tips are helpful for organizations who are struggling with creating policies for employee-owned devices (BYOD) or creating a framework for a corporate-owned device framework.
In a nutshell, security should not be obtrusive to the end-user, should make use of native tools for ease of deployment and focus on interoperability since the environments will support a range of tools and systems.
In order to ensure data is secure when accessed by mobile devices, there are a few key tenets:
- authenticate users when accessing official data
- use a VPN to access official data in order to ensure a secure pathway
- limit application installation to whitelisted apps
- rely on a responsive OS vendor that deploys security patches and operating systems updates to quickly and regularly
We all know mobile devices are becoming more pervasive. The best way to keep your company data secure is to be proactive about assessing the risks and potential issues with the devices in use in your organization, and design a clear policy for configuration and usage for each device type.
While some mobile devices have native apps that will let you locate, lock and wipe your device – that basic level of security isn’t enough to ensure devices are being used safely with your company’s data. Learn more about how Clutch Mobile’s network-based mobile security can help your organization audit mobile device usage and keep your data safe. Check out our product demo.