November 02, 2011, 9:44 AM — First there were sewing-machine sized portable PCs, then laptops, the Newton, the Palm Pilot, and phones with built-in PDA functions. The iPhone led the way to the ubiquitous smartphone, and the iPad ushered in an era of tablets. Now wireless hotspots, printers, storage, and a variety of other devices are making their way onto your office network, possibly without the knowledge of managers.
These devices have the potential to compromise security, whether by introducing malware onto other devices on your network, or transporting company data outside the network. Fortunately, antivirus and encryption apps are available for all the major smartphone and tablet platforms, and most allow remote management.
1. Create Formal Policies for Mobile Devices
You can't ask users to abide by a security policy if you don't have one. It doesn't have to be a long document that covers every possible contingency. A brief statement about protecting corporate assets will not only be easier to understand and remember, but will also make it easier to get buy-in from users. Make clear that the rules aren't simply to make users' lives harder, but to protect the organization.
2. Create Your Own App Store
Create a list of the recommended or required applications--such as encryption software, an antivirus client, and VPN software--for each mobile device or platform you'll be supporting. You can create an internal website with links to the appropriate download sites. Help the users understand the easiest way to install and use these applications.
3. Control Wireless Access
Most wireless access points allow you to set up two or more networks: a trusted network for authorized devices, and a guest network for all others. You can maintain a list of authorized devices, and all others will only be able to connect to a guest network that gives Internet access but not access to the company network.
To ensure that devices can't circumvent security while connected to a PC or other device, you can run a management server that can control access to USB ports, lock down synchronization applications such as ActiveSync or iTunes, and control which files can be transferred to a mobile device or portable storage.
4. Consider Network Access Control