To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
Keep in mind that the issue of President Barack Obama having a BlackBerry goes beyond the device itself; it extends to whether the risk of the president having mobile email is greater then the value it provides. Also, keep in mind that this isn't just a risk of sensitive information being hacked, but also the risk that any emails are eventually a matter of public record, and the president hears and sees many things the government would prefer to keep off the record.
Like email itself, the value proposition of a BlackBerry or similar device to enterprise executives is huge. The president of any country is a special exception, so setting corporate security policies by President Obama's necessarily extreme security requirements is quite likely a mistake. In fact, in some ways it's more secure for executives to use a BlackBerry-type device instead of a traditional email client on a laptop. Why? Well, it's far easier to remotely wipe a handheld device, and PDAs tend to have less information on them then the typical executive laptop does. So the organizational risk posed by a lost or stolen BlackBerry is much lower than the risk of a lost or stolen laptop.
The real questions a security team must ask are:
- What sort of data is being sent to those executives?
- What sort of policies are appropriate to secure the data on the devices?
- Are screen-lock times and password-complexity policies appropriate?
- Is remote wipe enabled?
- Is the device being backed up?
These are all good places to start your security inquiry, and the answers should be used to dictate security policy for the devices, including who gets to have one.
For more information:
|
