While users are an important element of all IT security, they’re an even larger element of security around mobile devices. Unlike almost any other IT, the mobile devices they use actually belong to the users and they have much more control over the device than any device sitting on the desktop or in the data center. Making sure mobile computing is safe requires partnering with users to ensure they practice safe computing as well as leveraging tools to enforce controls.

Mobile security requires these user behaviors:

Safe handling of devices.

Users should keep their devices under their control, either carrying them or storing them securely. If users lose a device that they use to access company resources, they should notify IT immediately. When users switch to another device, the old device should be wiped of business applications and data.

Safe mobile computing.

Users need to adhere to a number of practices to use mobile devices safely. All devices should be password-protected, and devices should lock after a relatively short period of inactivity. Encryption should be turned on to protect stored data. Users should only use approved cloud services and should only download apps from the official app store or a company’s own app store. Devices should be kept up to date with OS patches and must not be jail-broken. All connections to corporate resources should be over secure Wi-Fi and a VPN.

Businesses should have a mobile device policy that’s shared with employees to make their responsibilities clear and should also use technology to ensure safe mobile computing.

There are a number of tools that can be used, including:

Mobile device management software.

Mobile device management (MDM) software lets businesses control which devices have access to their resources. Access can be limited to certain types of devices and certain operating systems, so businesses can block obsolete devices that aren’t protected against viruses. The MDM can also enforce controls such as the password policy. MDM software is also useful when the device is lost or stolen, or if the employee leaves the business, because it makes it possible to delete business data from the device.

Cloud access security broker.

A cloud access security broker (CASB) provides control over access to cloud resources. While a CASB is not a mobile-specific tool, CASBs can determine whether access is via desktop or mobile device, and access can be granted or blocked accordingly. In some cases, it is useful to prevent access to sensitive data from outside the office.

 Data loss prevention.

Data loss prevention software prevents sensitive data from being accessed. This software can block mobile devices from accessing certain systems.

 Multifactor authentication.

Add additional security to user access by adding a second level of authentication to mobile device login attempts.

Make sure your mobile device usage is safe through educating your users and implementing effective controls. Prescient Solutions provides complete support for mobile usage, including managing provisioning, providing user support, and implementing security. Contact us to learn more about how to protect your business while empowering workers to use their mobile devices to work from anywhere.