Five Steps to Mobile Device Management and Security

As more employees bring smartphones and tablets to work, managing the devices, securing data, and fighting malware is critical.

First there were sewing-machine sized portable PCs, then laptops, the Newton, the Palm Pilot, and phones with built-in PDA functions. The iPhone led the way to the ubiquitous smartphone, and the iPad ushered in an era of tablets. Now wireless hotspots, printers, storage, and a variety of other devices are making their way onto your office network, possibly without the knowledge of managers.

These devices have the potential to compromise security, whether by introducing malware onto other devices on your network, or transporting company data outside the network. Fortunately, antivirus and encryption apps are available for all the major smartphone and tablet platforms, and most allow remote management.

1. Create Formal Policies for Mobile Devices

You can’t ask users to abide by a security policy if you don’t have one. It doesn’t have to be a long document that covers every possible contingency. A brief statement about protecting corporate assets will not only be easier to understand and remember, but will also make it easier to get buy-in from users. Make clear that the rules aren't there simply to make users' lives harder, but to protect the organization.

2. Create Your Own App Store

Create a list of the recommended or required applications--such as encryption software, an anti-virus client, and VPN software--for each mobile device or platform you’ll be supporting. You can create an internal website with links to the appropriate download sites. Help the users understand the easiest way to install and use these applications.

3. Control Wireless Access

Most wireless access points allow you to set up two or more networks: a trusted network for authorized devices, and a guest network for all others. You can maintain a list of authorized devices, and all others will only be able to connect to a guest network that gives Internet access but not access to the company network.

To ensure that devices can’t circumvent security while connected to a PC or other device, you can run a management server that can control access to USB ports, lock down synchronization applications such as ActiveSync or iTunes, and control which files can be transferred to a mobile device or portable storage.

4. Consider Network Access Control

Network Access Control (NAC) systems monitor the network and check any device that tries to connect for specific parameters, such as an up-to-date anti-virus client, patch levels, particular applications such as encryption or VPN apps, and settings such as ensuring that passwords are properly complex. NAC systems help secure the network by ensuring that devices that are insecure or may have malware loaded, or that don’t properly encrypt data, cannot connect to the network.
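The posture checks listed in this step, sketched as an added example (not from the original article or from any NAC product). The policy thresholds, report field names and device reports are constructed assumptions, and a missing or malformed field counts as a failure so that a device cannot pass by omitting data.

```python
from datetime import date

# Hypothetical thresholds: the article names the checks, not the values.
POLICY = {
    "max_av_signature_age_days": 7,
    "min_os_version": {"android": (5, 1), "ios": (8, 3)},
    "required_apps": {"vpn", "encryption"},
    "min_passcode_length": 6,
}

# Constructed device reports, as a NAC agent might submit them.
SAMPLE_REPORTS = {
    "tablet-01": {"platform": "ios", "os_version": "8.10", "av_signature_date": "2015-04-18",
                  "installed_apps": ["vpn", "encryption", "mail"],
                  "passcode_set": True, "passcode_length": 8},
    "phone-07": {"platform": "android", "os_version": "4.4.2", "av_signature_date": "2015-02-01",
                 "installed_apps": ["vpn"], "passcode_set": False},
    "unknown-3": {"platform": "ios"},  # agent reported almost nothing
}

def parse_version(text):
    """Turn '8.10' into (8, 10) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))

def evaluate_posture(report, today, policy=POLICY):
    """Return (admit, reasons); any failed or unverifiable check denies access."""
    reasons = []
    try:
        age = (today - date.fromisoformat(report["av_signature_date"])).days
        if age < 0 or age > policy["max_av_signature_age_days"]:
            reasons.append("anti-virus signature date invalid or too old")
    except (KeyError, ValueError, TypeError):
        reasons.append("anti-virus status missing")
    try:
        minimum = policy["min_os_version"][report["platform"]]
        if parse_version(report["os_version"]) < minimum:
            reasons.append("OS patch level below minimum")
    except (KeyError, ValueError, AttributeError):
        reasons.append("OS version missing or platform unsupported")
    missing = policy["required_apps"] - set(report.get("installed_apps", []))
    if missing:
        reasons.append("missing required apps: " + ", ".join(sorted(missing)))
    length = report.get("passcode_length") or 0
    if not report.get("passcode_set") or length < policy["min_passcode_length"]:
        reasons.append("passcode policy not met")
    return (not reasons, reasons)
```

A device that fails could be placed on the guest network from step 3 instead of being refused outright; the returned reasons tell the user what to fix.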

5. Create a Policy Server

Each of the major operating systems, such as Android and iOS, can be used with a policy and management server such as System Center Configuration Manager or SELinux Policy Server. These servers allow you to access mobile devices remotely, wipe them if they are stolen, install necessary applications such as anti-virus clients, load patches to the OS or applications, and ensure that any data copied to the device is properly encrypted.
