Ask the Expert

How to set up a corporate cell phone management strategy

When it comes to managing a mobile environment, are most enterprise security teams blocking devices or dealing with them head on? What's the better approach and what steps can be taken to deal with a diverse set of enterprise devices that are becoming more difficult to contain?

    Requires Free Membership to View

Outside of some super-paranoid government agencies and their contractors, most security professionals are dealing with mobile devices head-on. Realistically speaking, it's difficult to restrict the use of mobile devices in an enterprise. Sure, you can block them from your Wi-Fi network, but you can't stop the wireless carriers' data signals from reaching inside your buildings.

Instead of blocking wireless devices, I encourage you to embrace them. Reach out to users and remind them that you're not the security police, but rather a helpful resource to provide them with ways to safely use technology to meet their business requirements. Demonstrate to them that it's possible to use these devices in a secure manner by encouraging them to use the built-in VPN capabilities of smartphones, encrypt their mobile devices to protect stored data and report the loss or theft of devices promptly.

You may also wish to consider standardizing your enterprise on a single smartphone platform. If you choose, for example, to equip all of your mobile staffers with Blackberrys, you'll have a much easier time providing security advice and an infrastructure than if you have an assortment of different devices, including iPhones, Treos, Windows-based devices and other gadgets-of-the-day running around your building.

The Blackberry route is especially appealing to many organizations with the release of the feature-packed Blackberry Enterprise Server (BES). This management platform allows you to centrally administer devices for both usability and security. For example, you can use BES to require that all Blackberries in your organization use AES encryption to protect locally stored data. That approach offers peace-of-mind when one of the devices turns up lost or stolen.

In summary, it's not likely that many organizations will be able to stomach a policy that attempts to prohibit or severely restrict the use of mobile devices. They're simply too convenient and enhance productivity significantly. You can, however, take steps to manage their deployment so it minimizes the additional risk to enterprise security.

For more information:

This was first published in March 2009

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: