614-322-2222 or 877-770-8324

Mobile Device Management: The New Frontier in IT Security



Mobile Device Management: The New Frontier in IT Security

Mobile Device Management: The New Frontier in IT Security

Mobile devices have changed the landscape of IT asset management and data security policies. IT managers now have to develop and implement new processes to help to manage, control, and properly dispose of these devices. The biggest hurdle with this is the shifting of power from the IT department to the employees themselves, this introduces a myriad of new risks. Risks such as corporate data available outside of a physical establishment as well as developing strategies for all makes of devices and operating systems. The overall goal should be putting in place a risk management approach that appeals to the interests of the IT department and the end-users, all while reflecting and catering to the needs and interests of the organization as a whole.

Risks to consider

It can be very easy to get ahead of yourself when implementing a mobile device management plan and miss actual threats, vulnerabilities, and operating risks. It is important to remember that those who are trying to steal the data are always striving to be one step ahead of security measure. For instance, most organizations require device level passwords and the ability to wipe the device remotely if lost or stolen. While both of these are great policies, alone they are not enough. Device level passwords can easily be bypassed and remote wiping requires some type of radio or internet connection to be executed. It is even possible for hackers to access a device’s information without even having physical access to the device, often times this occurs when the device is connected to an unsecure wifi connection. All of these scenarios need to be taken into consideration before, during and after the implementation of a mobile device management plan.

Balancing IT and the end-user

The one thing you want to make certain to avoid is not favoring either side too much. If the focus is put primarily on security and management you risk losing site of the needs of the end user. Risk management is the key to finding this balance as it helps you to consider both sides of the spectrum, and weigh risk vs. reward. Every business will have different compliance standards, regulations, and requirements to follow, it is also important to take this into consideration. All of this is to be considered along with the main over all goal of security. You want to prevent data leakage, data loss, privacy loss, network exposure, network intrusions and the fines and legal ramifications that can be a result of these risks.

Mobile Risk Management Guidelines

Below are some of the basics to follow in your risk management general practices:

1. Threats- Identify, define, assess.

2. Vulnerabilities- Compare threats and vulnerabilities to critical assets.

3. Associated Risk- Determine your risk, consider factors such as their likelihood and consequences.

4. Reduce- Find ways that these risks can be reduced or eliminated.

5. Prioritize- List the risks you have ID’d from above in order of severity. Tackle the largest and most vulnerable aspects first.

Again, these are just some basics to consider. Keep an eye out for an upcoming white paper from TechR2 that will review this material and add more detail to these basic guidelines.

  • Providing complete “Cradle to Grave” data eradication solutions, sound experience, industry best practices and resources to support you.

  • About An Industry Leader

    TechR2 is the only company in the industry that has earned a US patent for its Track-Contain-Destroy-Verify data security process, is OEM approved, upholds critical ISO certifications, and is recognized for compliance with GDPR, NIST and all governmental regulations concerning data destruction, including ISO 27001, ISO 14001, ISO 9001, and ISO 45001.

  • Why risk it? Get started today!
    Call 614-322-2222 or use this form.