Thursday, October 13, 2011

Handling lost or stolen mobile devices in the enterprise


Mobile devices, by their very nature, are well suited for work on the go.   While their small size and portability make them the perfect travel companion, this also makes them susceptible to being lost of stolen.  While laptops face this same risk, smartphones and tablets, by virtue of their small size - are at greater risk of being lost or stolen.  This could put corporate data at risk.   It is important that the enterprise establish a policy for addressing lost or stolen devices.  Common techniques:

  • Require that corporate data stored on the device be encrypted.  Note that not all mobile devices support encryption
  • Require that no corporate date be stored on the device and instead leverage web or virtual application delivery models
  • Require separation between work and personal data on mobile devices
  • Require remote wipe devices that are lost, stolen or after employee separation.  Force device wipe after a specific number of invalid password attempts
  • Require that the device be locked with a device passcode or two-factor authentication

The level of security required will likely depend on the sensitivity of data and multiple techniques may be used in combination.  Mobile Device Management (MDM) software can help enforce corporate security policy and implement the controls listed above.  For more information on securing mobile devices, consult IBM's mobile security whitepaper

No comments: