Sunday, May 11, 2014

268- Why Employee Information Security Awareness Shouldn't Be Too Hardware Specific

We've reached a point where mobile devices are used almost as much as desktops and laptops. Research indicates that it won't be long before mobile phones and tablets become the primary way people connect to the Internet. So why is the attention still on PC's when it comes to information security?

Why Employee Information Security Awareness Shouldn't Be Too Hardware Specific

Most will recognise that almost all of the security breaches that could occur through a computer can occur through a mobile tablet or phone. A lot of people would have most likely also heard stories emerging about how employee personal online activities have resulted in catastrophe for an organisation - in particular the result of accessing or storing sensitive information on an unsecured personal device. 

Yet the mainstream media, news headlines and general tech surveys still place their security focus on PC's and networks. Furthermore, there is great concern as many organisations still don't have an adequate staff policy when it comes to personal devices, mobile or tablet, in the workplace.

That said, creating a long list of mobile security dos and don'ts isn't the most effective solution. In fact, the backbone of your employee information security awareness campaign shouldn't be hardware-specific at all.

Whilst there are certainly measures to consider when using different types of devices, awareness campaigns really must now start to focus on information and data first and foremost. Once the employee understands the importance to protect the information, there is more frequent tendency to identify the weaknesses of different mobile devices.

Here we have listed some preventative measures you can take to minimise these risks:

Prevent and reduce mobile device risks to data with mobile device management software.

When employees are given access to the corporate network with their mobile devices, there is the potential for data loss if there device, tablet or phone is lost, stolen, or even exchanged or sold. We can then establish from this that any company should be assessing whether devices will be even be permitted, but also to the extent they will be permitted.

Eliminate app download risks through the implementation of a user policy agreement and training and awareness

One big risk with any mobile device, is that the mobile applications and operating systems don't consistently enforce controls on what apps can and cannot do. Both Android and iOS software have their ways of allowing permissions, with some exploits open when a user simply grants a app access to the internet.

Making sure to manage and restrict what applications can be downloaded by a user when for business purposes is a priority for the present, looking at mobile device management solutions is your way out.

Article Source:

No comments:

Post a Comment