First, I would not use the Bluetooth headsets if the risk of eavesdropping is unacceptable to your organization. There is an excellent video by Josh Wright of Inguardians Inc. in which he demonstrates the dangers of using a Bluetooth headset. I would also recommend becoming familiar with the tools that can be used against your phone's Bluetooth capabilities, including penetration testing suites like Bluediving.
It is also important to train corporate employees to use caution when using their phones. Tell them, for example, to be wary of the websites they surf. Your corporate Web policy should mention that company phones should not be used to access questionable websites. Your users should also be careful to not lose their phones or leave them unattended.
You should also attempt to train employees that carry corporate phones to use some discretion. There have been many times where I have overheard seemingly sensitive conversations because people are talking loud enough for everyone in the airport terminal to hear.
Dig Deeper on Handheld and Mobile Device Security Best Practices
Related Q&A from John Strand
Expert John Strand reviews how to spot input validation flaws on your websites.continue reading
In this expert response, John Strand explains what to do when your personal identity is impersonated online.continue reading
Expert John Strand reveals an interesting way of addressing man-in-the-middle attacks.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.