Pau Lo
asked on
Mobiles/Smartphones/Handhelds
Can I ask what key issues/areas need to be reviewed into an IT audit of corporate mobile devices/smartphones?
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
I was thinking of any misuse of corporate phones as well?
You wont stop an employee from playing solitaire :)
Hi,
Please provide more details re. the device OS in use (Symbian, Windows Mobile 6.x, Windows Phone, Android, IOS etc.).
Are you looking for tools/solutions to help you meed the auditing requirements?
Regards.
RobMobility.
Please provide more details re. the device OS in use (Symbian, Windows Mobile 6.x, Windows Phone, Android, IOS etc.).
Are you looking for tools/solutions to help you meed the auditing requirements?
Regards.
RobMobility.
ASKER
No not tools just areas to include in the audit, tools are worthwhile knowing about as they may form a recommendation if the company is lapse in doing x, y and z around handheld management/handheld security. But more the focus is on what should be reviewed to see if lapse pratice/policies are in place in the first place
ASKER
We have some windows mobiles and blackberrys
Hi,
You can consider the following:
Windows Mobile - Kiosk type applications are available - you can configure these to only support a few applications.
Both BlackBerry and Windows Mobile (via SCMDM or thrid party products) can enforce device functionality and application controls where you can disable non essential functions/applications, prevent use of Social networking apps etc.
Within BlackBerry, this is done via IT Policies and Application Control Policies.
What misuse are you referring to?
Regards,
RobMobility.
You can consider the following:
Windows Mobile - Kiosk type applications are available - you can configure these to only support a few applications.
Both BlackBerry and Windows Mobile (via SCMDM or thrid party products) can enforce device functionality and application controls where you can disable non essential functions/applications, prevent use of Social networking apps etc.
Within BlackBerry, this is done via IT Policies and Application Control Policies.
What misuse are you referring to?
Regards,
RobMobility.
OK.
Consider what you are trying to protect/prevent?
Exfiltration of corporate data via personal email accounts? Block access to non corporate email systems. Also prevent use of removable media cards or where used, enforce their encryption.
Protection of data on the device - force encryption of some or all of the device
Protection of data in transit - VPN, SSL or other secure connection - ensure it's at least 128 bit encryption and preferably AES.
Prevent misuse of device - configure PIN/Password policy - passwords need to be complex but not too onerous to enter onto the device. Add password expiry (say 60 days), password history, password pattern matching/disallowed passwords, password attempts (say 10 max) and wipe on failure to authenticate on the 10th try.
Regards,
RobMobility.
Consider what you are trying to protect/prevent?
Exfiltration of corporate data via personal email accounts? Block access to non corporate email systems. Also prevent use of removable media cards or where used, enforce their encryption.
Protection of data on the device - force encryption of some or all of the device
Protection of data in transit - VPN, SSL or other secure connection - ensure it's at least 128 bit encryption and preferably AES.
Prevent misuse of device - configure PIN/Password policy - passwords need to be complex but not too onerous to enter onto the device. Add password expiry (say 60 days), password history, password pattern matching/disallowed passwords, password attempts (say 10 max) and wipe on failure to authenticate on the 10th try.
Regards,
RobMobility.
The blackberry connects to the BES which is part of the exchange server. The windows mobile are connected via exchange so you have all the power you need to secure your devices.
ASKER
Misue would be excessive personal calls, calls to other countries, use of web in work time etc
Hi,
The first one is difficult unless you monitor calls from bills and identify high bills?
International calling could be blocked via the mobile operator - presumably you manage the SIMs etc. centrally?
Web in work time - consider routing all web traffic via internal proxies etc. (if present) - same rules would apply as for desktop users with the same monitoring capabilities?
Regards,
RobMobility.
The first one is difficult unless you monitor calls from bills and identify high bills?
International calling could be blocked via the mobile operator - presumably you manage the SIMs etc. centrally?
Web in work time - consider routing all web traffic via internal proxies etc. (if present) - same rules would apply as for desktop users with the same monitoring capabilities?
Regards,
RobMobility.
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Smartphone Programming
Smartphones run using a variety of operating systems -- Android, iOS and Windows Mobile most commonly -- and an even wider variety of programming languages, including Objective-C, Java, Visual C#, C++ and .NET, not to mention HTML5 and JavaScript, and cross-platform frameworks such as PhoneGap.
8K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
What steps do you take to secure your other corporate mobile devices (e.g. laptops)? Always a good starting point.
Regards,
RobMobility.