Mobile Devices and Information Security Risk Management

Mobile devices such as smartphones and tablets have found their way into everyday task for professionals. More and more software is available in mobile application form, and organizations are utilizing the convenience offered by having their staff always connected. Though there are many benefits associated with having said connectability, new threats are introduced into the enterprise environment. The following post highlights threats that exist and steps you can take to secure your mobile devices.

The ISO 27001 information security standard recommends the development of a formal policy that introduce appropriate security measure to protect against threats related to mobile devices. The Standard suggests implementing a policy that addresses physical protection, access controls, cryptographic techniques, back-ups, and virus protection.

One of the biggest threats that exist is from malware or hackers; the biggest threat is losing your phone. The most common way to unlock devices is a finger swipe which will give anyone access to almost all the information held on the devise. Simply enabling a password to the unlock function will go a long way in protecting your information and identity in the case you lose your mobile devise.

Following the threat of losing your mobile devise, the next biggest threat comes from the apps you download and use. Both Apple’s iOS and Andriod platforms are subject to malware from app developers. Andriod has fewer barriers to entry for developers, thus making it easier for malware to make it to the Google Play store. The best control against malicious apps is to research and app and read the user reviews before you purchase to ensure that you are not exposing yourself to a virus.

Secure connections go a long way in protecting the data on your mobile devise. Everyone enjoys the always on functionality of mobile devices. However, the ability to get the latest tweets, emails, and news exposes your data to more threats. If you are going to connect in a public place with a mobile devise that has confidential data, you should utilize a VPN or a proxy to connect with an encrypted SSL connection.

These are just a few of the major threats that exist. As mobile devices become the norm and in some cases the preferred platform for carrying out business operations, users should take care to not open themselves up to new vulnerabilities. A strong information security management system will address this threat and ensure users adhere to the policies as a way of reducing risk to an organization.