Skip Ribbon Commands
Skip to main content
Cyber Security Mauritius (National Computer Board)
Cyber Security Mauritius>Securing Mobile Devices

Securing Mobile Devices


Security Policy
Fighting Threats
Access Control
Dealing with Malware
Backing Up Data
Email & Spam
Protecting Passwords
Identity Theft & Privacy
Securing Mobile Devices
Wireless Access

Secure Remote Access
Desktop Security

 

Mobile device security is a critical issue that all organisations should address immediately. Increasing usage of laptops, PDAs, and other mobile devices has led to huge security risks. Also, wireless devices are vulnerable to theft and loss. By being aware of the mobile threats, you can secure company information in employee's individual mobile devices; help to prevent or reduce leakage of company's private and confidential data and reduce chance of being infected with virus that can affect business operations.

 

The following are the challenges of using a mobile device:

 

  • Mobile devices are often used outside company's premises. They may connect over unsecured network, or reside in a mode where they cannot be traced by management tools.

 

  • Mobile device such as PDAs are not designed with security support in mind. They are quite impossible to upgrade, and very few patches are available for them.

 

  • Employees tend to easily and excessively use mobile device for storing sensitive information. They however, can be careless or do not know to look after their devices.

 

The following are some tips for organisations and staff to protect their mobile device:

 

1.
Keep track of mobile devices. Companies should keep track of any mobile devices that connect either directly to organisation's network or attached to an employee's computer.

 

2.
Limit employees to mobile devices. Identify staff entitled to own mobile devices, i.e. laptops. Administrative and desktop bound workers can use a desktop computer instead of notebook. The lesser the usage of mobile devices, the lesser risk for your company.

 

3.
Educate employees. Awareness programme should be conducted to train those staff owning mobile devices. They must know how to protect their devices for example, the use of locking devices for laptops and password requirements. Training sessions should focus on security threats and actions they need to implement to help company reduce security risks.

 

4.
Introduce guidelines for copying data to removable device. Produce step-by-steps for employees to transfer their files to mobile devices. Most staff freely and simply move documents on portable USB thumb drives, external hard disks, and writeable CDs and DVDs and do not how to safe guard these devices.

 

5.
Rules on usage of personal mobile devices on the premise. Impose rules on employees who bring mobile devices to workplace. Employees should also be encouraged to contact IT department if they want to access organization's applications via personal device.

 

6.
Communicate with employees what is at stake if they lost their mobile device. Not only company's reputation is at risk, but their personal information, such as credit cards details, may be used by unauthorized person.

 

7.
Run antivirus and firewall program on all mobile devices, as the device can introduce virus and malicious code to organisation's network. Many antivirus manufacturers nowadays support mobile devices.

 

8.
Enforce password. Notebooks usually are easy to be equipped with passwords, but PDAs are often left without one. Employees tend to store sensitive information such as customers' name and contact numbers in PDAs, which is valuable to competitors.
 
Source: http://cybersafe.my/