News Vulnerability Management

Tech Insight: After The Holidays, It's Time To Re-Examine Smartphone Policies

With new portable devices coming out of the wrapping paper, how can enterprise security keep up?

John Sawyer December 31, 2009

'Twas the season for stockings stuffed with smartphones -- phones that include more computing power and functionality than computers might have wished for a decade ago. For enterprises, however, these "gifts" could be costly.

New toys, like iPhones, BlackBerrys, and the new Motorola Droid, give us around-the-clock connectivity that comes at a price not only to employees' personal time, but also to enterprise information security; just look at the recent attacks against "jailbroken" iPhones to steal personal data.

More Security Insights

White Papers

More >>

Reports

More >>

Webcasts

More >>

President Barack Obama's addiction to his BlackBerry is a testament to the need of today's society to have within reach the means to check e-mail, send text messages, and browse the Web. Of course, those are the more ordinary tasks. Smartphones now give us the capability to play online games, use instant messaging services, stay in touch with social networking sites, and much more. But what should companies do to secure these mobile communications and the data stored on such portable devices?

That's a question many IT workers will be facing as they ring in the new year. Many users will be returning to work with new Droids, iPhones, and even iPod Touches in-hand that they "need" connected ASAP to check email, access corporate intranets, and update statuses on social networks.

These requests and activities give rise to tough questions. Who's responsible for managing the security of "personal" devices that connect to the corporate network? What happens if a device capable of connecting to enterprise systems is lost? Should encryption be mandatory on portable devices that are used for work?

If it's a C-level executive with a new Droid, sometimes policies go out the window. However, that's not always the case. The key to dealing with smartphones -- and, really, any new whiz-bang hardware or software -- is to have policies for introducing them into the current infrastructure.

Page 2: What to consider
1 | 2 | Next Page »

Dark Reading Discussions

Start the Discussion

To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.

Follow Dark Reading

Dark Reading Reports

How Attackers Choose Which Vulnerabilities To Exploit

In the increasingly complex world of information security, it's important for security professionals to be able to understand not only how their organization's systems and data may be compromised but why. In this Dark Reading report we examine why certain vulnerabilities are exploited, by whom and with what. We also provide recommendations for getting out infront of hackers by using some of the same tools and strategies they do.
Assessing Risk and Prioritizing Vulnerability Remediation

Vulnerability remediation is a never-ending process, but, even so, security pros can't plug every hole in every asset and application. The key is to determine which vulnerabilities are most likely to be exploited and the effects such exploits would have on the business. To do this, security pros must know the business and its technology usage and needs intimately, a process that must involve stakeholders across the organization. In this report we recommend the steps that should be taken to determine the risk of vulnerabilities and the lengths to which remediation can and should go.
Finding Vulnerabilities By Attacking Your Own Environment

Vulnerability scans are valuable, but you have to think and act like a hacker if you want to truly understand the ways in which your organization could be compromised. In this report, Dark Reading recommends the tools and methodologies that can be used to test your organization's security.

Other reports from the Vulnerability Management Tech Center:

Related Content

Sponsored by

Mobile Devices Drive Majority of Endpoint Security Concerns

The results of the 2013 State of the Endpoint study tracked endpoint risk in organizations, the resources to address the risk and the technologies deployed to manage threats. This study reveals that the state of endpoint risk is not improving and one of the top concerns is the proliferation of personally owned mobile devices in the workplace such as smart phones and iPads. Download "Mobile Devices Drive Majority of Endpoint Security Concerns" to review some of the most noteworthy survey findings, address the difficulties in managing the endpoint risk, and review recommendations to make improvements.
IT Pros Guide to Data Protection: Top 5 Tips to Securing Data in the Modern Organization

Ready your organization for more robust data protection measures by first implementing these five steps to improve data security in a business- and cost-effective manner.
Best Practice Guide to Addressing Web 2.0 Risks

With the rise of user-generated content, social networks and readily available information offered by the Web 2.0-enabled workplace, users are more connected to people and ideas than ever before. This new level of connectivity also introduces significant risk. Organizations need to find the proper balance of risk vs. productivity through improved policy, controls and education of users.
Closing the Antivirus Protection Gap: A Comparative Study on Effective Endpoint Protection Strategies

Corporate economic concerns have put increased pressure on already limited IT resources in recent years as the onslaught of malware and sophistication of cyber attacks continues to grow at exponential rates. As a result, 50% of endpoint operating costs are directly attributable to malware,1 yet, corporate IT budgets are still focused on maintaining stand alone antivirus as the keystone in endpoint security. In this paper, we will benchmark the effectiveness of standalone AV and O/S resident patching solution versus newer technologies and a defense-in-depth of approach of layering multiple endpoint security and operational technologies together.
Lumension Guide to Device Control Best Practices

USB flash drives and other removable storage devices continue to proliferate throughout organizations. This could result in the loss or theft of your sensitive corporate and customer data, or in the propagation of malware like Stuxnet. Fortunately, powerful data protection tools are now available to help mitigate these risks, while still enabling flexible and managed use of these productivity devices. Learn about the best practices for deploying device control within your environment. Walk away with the recommended process to successfully prepare, enforce and manage the use of removable devices and media, and to protect your sensitive data.

Free Research and Reports

What's this?From the Editors of DarkReading

More >>

Box Icon

Whitepapers

What's this?

More >>

Box Icon

Dark Reading Digital Magazine

Back Issues

In This Issue

Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.

Download Now

First Name*:
Last Name*:
Email Address*:
Job Title:
Company/Organization/Gov't Dept.:
*Required field
Privacy Statement

Security

Protect The Business - Enable Access

News Vulnerability Management

Tech Insight: After The Holidays, It's Time To Re-Examine Smartphone Policies

With new portable devices coming out of the wrapping paper, how can enterprise security keep up?

More Security Insights

White Papers

Reports

Webcasts

Related Reading

Dark Reading Discussions

Start the Discussion

Follow Dark Reading

Dark Reading Reports

How Attackers Choose Which Vulnerabilities To Exploit

Assessing Risk and Prioritizing Vulnerability Remediation

Finding Vulnerabilities By Attacking Your Own Environment

Sign up for the Dark Reading Daily email newsletter

Free Research and Reports

Whitepapers

Upcoming Events

Dark Reading Digital Magazine

In This Issue

News Vulnerability Management

Tech Insight: After The Holidays, It's Time To Re-Examine Smartphone Policies

With new portable devices coming out of the wrapping paper, how can enterprise security keep up?

More Security Insights

White Papers

Reports

Webcasts

Related Reading

Dark Reading Discussions

Start the Discussion

Follow Dark Reading

Dark Reading Reports

Related Content

Dark Reading Newsletter

Sign up for the Dark Reading Daily email newsletter

Free Research and Reports

Whitepapers

Upcoming Events

Dark Reading Digital Magazine

In This Issue