Smartphones are arguably the greatest information risk in an organization. And while Windows Mobile and Windows Phone 7 aren’t the most prevalent mobile devices in the enterprise, they’re still a threat, and you need proper tools to manage and secure them. Even though more vendors are jumping on the mobile security bandwagon, you’ll likely experience the following frustrations when researching products:
- The big vendors aren't marketing security solutions well.
- The little vendors are difficult to find.
- There’s a ton of immature solutions that aren’t quite ready for the enterprise.
So where do you begin? Right here.
While the following list isn’t an exhaustive collection of Windows Mobile and
Secure password managers
If you want an enterprise mobile device management (MDM) solution, consider Mobile Active Defense, MobileIron, Symantec and McAfee/Trust Digital. In addition, I’ve heard good things about Lookout and ActiveSync in Exchange 2010.
Before you decide on a mobile security management route and tool, ask yourself the following questions:
- What are you trying to accomplish? Look at your high-level business goals, as well as your specific compliance and information risk management requirements, and determine your organization’s mobile security needs.
- Do you want to protect the endpoint itself, or do you want to protect your enterprise network from these devices coming and going? The solutions are different.
- Does the technology support the operating system versions on your Windows smartphones? Many tools aren’t ready for Windows Phone 7 -- and some may never be.
With mobile device management, like most things security-related, you get what you pay for. All it takes is one hole in an environment to cause security problems for your business, and mobile devices may be your worst enemy right now. But if you start making small steps toward visibility and control of your smartphones, you’ll be in good shape for the future.
ABOUT THE AUTHOR
Kevin Beaver is an information security consultant, expert witness and professional speaker at Atlanta-based Principle Logic LLC. With over 21 years of experience in the industry, Beaver specializes in performing independent security assessments revolving around information risk management. He has authored/co-authored eight books on information security, including The Practical Guide to HIPAA Privacy and Security Compliance and the newly-updated Hacking for Dummies, 3rd edition. In addition, he's the creator of the Security On Wheels information security audio books and blog providing security learning for IT professionals on the go. Kevin can be reached at www.principlelogic.com, and you can follow in on Twitter at @kevinbeaver.
This was first published in March 2011