Skip to main content

Your Phones May be Smart, but are They Secure?

June 29, 2010

There was once a day when you were considered kind of cool if you had a smartphone or Blackberry - it was an honor typically reserved for executives. How the times have changed in just a few short years.   Now, everywhere you look, someone is using a smartphone. That’s a good thing as it’s improved anytime, anywhere communication by making us more in touch and accessible. On the flip side, there are some serious risks that companies face when incorporating smartphones into the corporate environment.

The most serious concerns are related to connectivity via email, Web, SMS and enterprise applications. This, combined with the ever-increasing local storage capabilities and 3G/4G speeds on smartphones, increases the potential for exposure of sensitive, confidential and legally protected data. On top of that, most users are not incented to comply with security policies before they are allowed to connect to email. Finally, lost or stolen devices that have sensitive data can be compromised, and most phones do not have any encryption capabilities on them or on their memory cards.

Despite these concerns, companies continue to add more and more mobile phones as time goes on. There has also been a noticeable shift in corporate phone policies in recent years. Previously, most companies provided their users with specific phones, usually based on one operating system. Now, many companies are allowing users to go and buy whichever type of phone they prefer. This change proves that businesses don’t feel that they can slow down and wait for smartphone security technology to keep up. Executives and IT gadget hounds are swapping up to the latest and greatest phone platforms faster than their security administrators are able to add corporate network support and safeguards.

While productivity outweighs the risks for many of the organizations that we work with, we are starting to see more and more smartphone companies keep pace with the new code being released on the mobile OS platforms. That’s good news from a security perspective but it is a cat and mouse game and there is always a lag from when a new OS release comes out and when the proper security mechanisms catch up. There are also plenty of actions that IT can take to securely integrate these devices. An important first step is to develop mobile security and acceptable use policies. Next, we recommend the IT team perform user awareness training with employees – a step that is often overlooked. Another best practice is to implement a safeguard technology for the smartphones that will protect the organization from risk related to exposure of legally protected data, loss of critical intellectual property and non-compliance with business critical regulations. Fortunately, there are enterprise solutions that provide numerous security enhancements to the disparate list of phones in use by most organizations.

Accuvant works with many smartphone security vendors that provide a single console to manage smartphone protection across these disparate platforms, such as iPhone, Palm OS, SymbianAndroid and Windows Mobile. It is best to deploy a solution that can manage and support smartphone security and connections with a complete over-the-air (OTA) environment (with no connection to PCs or local networks required) for enrollment, provisioning, reporting, policy control, self-service user portals, on-device encryption of all enterprise data, and kill pill capabilities that remove only the enterprise data on the device along with help desk and recovery from lost passwords.

Are you losing any sleep over your organization’s smartphone security practices?

Related Blogs

June 14, 2016

Identity Protection Tips for Your Graduate

College students are five times more likely to become victims of identity theft than any other demographic, according to The Financial Times. Experts ...

See Details

November 05, 2015

Always Use Protection

The pace at which security exploits are being discovered on mobile operating systems is skyrocketing. They’re also having a major impact on device sec...

See Details

November 17, 2015

Endpoint Protection in the Cloud Era

Over the last several years there has been a major paradigm shift to a cloud computing model for enterprise computing. This new model has allowed a le...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

Related Insights

December 10, 2012

Mobile Security UK Webinar | Optiv

Enterprise users are using multiple devices to tap into the corporate network. Connectivity, portability and productivity are the “three legs” of mobi...

See Details

May 05, 2011

Mobile Security Universal Issues | Optiv

It seems everywhere I go I’m having interesting conversations with senior level government officials regarding mobile security.  A lot of these conver...

See Details

December 15, 2017

Endpoint Security Assessment

Optiv can help validate the effectiveness of your endpoint security solution by identifying and exploiting vulnerabilities.

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cybersecurity Events in your area.