Well, Mobile security actually begins with protecting the actual mobile device. Today, a plethora of apps exist to prevent data theft on case a mobile has been stolen. It is also possible to track down the device with iPhone’s having special apps to track them. But what do businesses actually do when faced with security issues?
1. Maintain and control security settings in one central location. It is important to never rely on devices that allow the user to make security decisions. It would also help if organizations require enforceable access control on all mobile devices i.e. users should not be able to disable the access control that IT has put in place.
2. Have regular Consultations with various departments such as finance, HR and legal departments about their needs. This is because your mobile device policy doesn’t affect just the IT department.
3. Always use two-step authentication for devices and apps where possible. This makes it necessary to provide both a password and additional information such as a code sent to an email address in case the device is lost or stolen.
4. Establishing cloud-based servers or URL filters for websites that are either blocked by the company or known to be malicious. This precaution will help to protect the endpoint by not allowing an employee to visit websites that could compromise security.
5. Frame a policy for mobile devices depending on your requirements and the company’s exposure to risk. Although BYOD has now more or less become the norm, it does pose a higher risk than policies such as choose your own device (CYOD) and corporate-owned, personally enabled (COPE) which may be more appropriate.