In the BYOD era, data leakage and mobile malware are top concerns for IT pros, but crafting a strong mobile device policy and distributing that information to users can mitigate some of the risks.
Although writing a mobile device policy isn't the most exciting task, it's an important one. These policies can prevent some serious problems, such as sensitive corporate data leaking or a virus making its way onto your network. There are different policies that can help head off problems, such as bring your own device (BYOD), mobile device security and acceptable use policies. When employees know what's expected of them, they're less likely to break the rules.
Of course, policies themselves don't stop workers from violating regulations, so you'll need ways to enforce those rules, such as mobile device management (MDM) and other tools. Take a look at these tips for writing successful policies, learn about more advanced facets of enforcement and watch experts weigh in on the importance of writing down regulations in the consumerization age.
Companies that allow workers to use mobile devices should have rules around security and use. Whether devices are corporate or personally owned, users need to know what they can and can't do with them, and how those expectations will be enforced. While this is a pretty simple concept, the act of writing security, mobile device, BYOD and acceptable use policies can seem daunting. Check out these how-to tips to learn the basics of policy writing.
Writing a good mobile-device security policy begins with information gathering. Find out what potential threats and other risks devices pose, then pin down the number of devices that the policy will apply to. Write up the policy, and send it out to users. Continue Reading
Every company has to craft a BYOD policy that's specific to the business and its needs, but most policies cover the same questions: How should users protect their devices, what data and apps can users access, and what happens when a device is lost or stolen or an employee leaves the company. Continue Reading
An acceptable use policy lets users know what they can and can't do with their devices. But even if users know what's expected of them, you still need to enforce it. You can do that with blacklisting and whitelisting, MDM, mobile application management (MAM) or an enterprise app store. Continue Reading
If you enroll all the Android devices on your network in an MDM system, the tool can notify you or users (or both) when an action taken on the device breaches policy. Then, it can enforce the policy by un-enrolling the device. Continue Reading
Once you get the appropriate policies in place, make sure they're going the distance. That means following through on enforcing the rules, making updates to the policies as needed and disseminating the rules to users. When the whole organization is on board with keeping devices secure, it makes your job as an IT pro a little easier.
3Watch and learn-
Everyone has something to say about how and why to implement security standards and policies in the enterprise. Hear what some experts in the field have to say on the matter in these videos.
One of the challenges of enforcing mobile security policies in the BYOD world is that users are in charge of their own devices. You have to be willing to tell workers that you're going to enforce policies on their devices, and you need ways to encrypt, wipe and protect data.
Mobile devices, applications and the cloud have introduced many new vectors from which corporate data can leak. Make sure you have enough mobile device policies and procedures in place to keep sensitive data out of the wrong hands.
Mobility is a huge game-changer for the enterprise, but data leaks and other mobile threats can impede the productivity of a company, rather than advance it. Consider applying policies on a per-user or per-application basis.
Now that you're an expert on mobile device policy and preventing data left, take this quiz and prove it!Take the quiz
Learn more about corporate mobility policies with these definitions.