Dirty Harry, Move Over for the New Enforcer
You know the saying about getting better, not older. Apparently this does not apply to mobile operating systems, which are not getting better as the generations go by. In 2010, there were 163 security holes compared to 115 in 2009, according to Symantec.
Source: http://tbreak.com/tech/2011/02/why-are-mobile-phones-limited-to-one-operating-system/
You can tackle security problems related to mobile and personal devices as they happen and invoke Dirty Harry (go ahead, make my day), or take steps to avoid these confrontations. You may lose… or let’s say you may lose data and IP.
In case your company doesn’t yet have policies in place, here are a few common-sense tips gathered from recent reading and research:
• Check your user password policy to be sure it meets current best practices, which include guidelines for the complexity of passwords and how often they can be reused.
• Don’t send sensitive information of any kind through email – personal/financial, personnel records, etc.
• Keep company mailbox addresses current and protected.
• Use a software tool that gives you remote access to lost or stolen devices so you can take the necessary steps to disable or wipe them.
• Set and follow procedures to clean devices and hard drives before they change hands or are disposed of.
• Install network vendors’ security patches and updates immediately.
• Use passwords for network devices and change them frequently.
• Communicate with employees on an ongoing basis. Set policies, especially about unsupported apps and personal devices, and make sure employees are familiar with them. Consider reinforcing the basics about passwords, suspicious attachments, unsolicited emails, phishing, etc. in company newsletters, during team meetings, on bulletin boards and so on. Have data security conversations with incoming and outgoing employees.
Not everyone will play by the rules or read every communication you send, but anticipating needed guidelines, stating them and then continually reminding employees to be vigilant is in your best interest.
What IT does after communicating is crucial. Find out what Marc Beattie of Wainhouse Research recommends in an upcoming webinar sponsored by ACT Conferencing on August 25, 2011: Collaboration & Social Media: How to Tame User Anarchy.