Analysis: Five security tips for smartphones in the enterprise

The technology of today’s smartphones is going to put more pressure on IT departments, and IBM has released advice about how administrators can cope.

Amongst all the fanfare from the release of the 3G iPhone, business users were particularly interested in the fact that it was much better positioned to be used for enterprise, thanks to new business tools and capabilities such as the push email.

This has focused more attention on the incorporation of smartphones into business networks, which in the future looks to be a necessity thanks to modern day workers needing to perform many tasks on the move.

Advertisement - Article continues below

RIM's Blackberry has been the business smartphone of choice for a while, with its ability to perform corporate tasks and its functionality.

However, a new generation of smartphones such as the iPhone but also devices like the Nokia N71 and the new series of Blackberrys are capable of doing much more. These phones have features such as the ability to access the net using 3G, watching videos and downloading third party applications which have its own inherent risks.

It is also clear that smartphones will carry more important and confidential corporate information than ever before such as internal communications, customer contacts, financial information as well as intranet systems and networks.

In the wrong hands it could cause huge damage to business, and IT departments around the world are going to have to deal with new problems and a bigger strain on networks.

Advertisement
Advertisement - Article continues below

In response, IBM Internet Security Systems released a five point plan which IT administrators need to keep in mind when attempting to incorporate the technology into their enterprises.

Advertisement - Article continues below

1 - Enforce strong password policies

If the smartphone was lost or stolen, strong passwords could mean the difference between the loss of a phone and the loss of sensitive data which could cost business financially and destroy reputations. It was advised that business smartphones needed to be configured to lock screens after a period of inactivity, and passwords be complicated and changed on regular basis.

2 - Protect smartphone VPN access

Attackers are capable of exploiting vulnerabilities in smartphones and infecting them with malware, which in turn can transfer through VPN connections through to intranet resources. IBM said that smartphone servers and VPN egress points should be placed on a network which is firewalled from the rest of the internet. Connections coming from the phones should be monitored with intrusion protection systems and access from smartphone VPNs restricted to servers that are really needed by users.

3 - Establish procedures for employees to follow

Advertisement - Article continues below

It is possible for sensitive data to be wiped from smartphones remotely from the enterprise server if they are lost or stolen. It was recommended that a contact point for employees who had lost their phone so data could be wiped and a replacement be sent.

4 - Control the installation of third-party applications

Smartphone users will be tempted in downloading productivity applications or other files which carry malware or a back door. Businesses needed to consider restrictions on these types of third party applications, especially if they are not digitally signed.

5 - Evaluate smartphone anti-virus solutions

Although there are few malware threats on smartphones at the moment, there are anti-virus solutions on offer. As the popularity of smartphones increase, so will the malware that targets them. Businesses needed to monitor constantly in determining which mobile phones needed to be included in host based security deployments.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement
Advertisement

Recommended

Visit/software/operating-systems/355947/apples-ios-14-to-include-a-built-in-translator-for-safari
operating systems

Apple’s iOS 14 to include a built-in translator for Safari

5 Jun 2020
Visit/operating-systems/ios/355935/apple-confirms-serious-bugs-in-ios-135
iOS

Apple confirms serious bugs in iOS 13.5

4 Jun 2020
Visit/mobile/mobile-security/355898/apples-tracking-iphones-stolen-by-looters
mobile security

Apple is tracking iPhones stolen by looters

3 Jun 2020
Visit/mobile/mobile-security/355889/parachute-introduces-superlock-feature
mobile security

Parachute's Superlock feature keeps your phone recording in an emergency

2 Jun 2020

Most Popular

Visit/operating-systems/ios/355935/apple-confirms-serious-bugs-in-ios-135
iOS

Apple confirms serious bugs in iOS 13.5

4 Jun 2020
Visit/mobile/5g/355911/the-uk-pivots-to-japan-for-5g-equipment
5G

The UK looks to Japan and South Korea for 5G equipment

4 Jun 2020
Visit/security/ransomware/355945/new-ransomware-uses-java-to-target-software-organisations
ransomware

Tycoon ransomware discovered using Java image files to target software firms

5 Jun 2020