HOME| About Us| Events| IT Support| ShoreTel| Support| Contact Us
BrightStack
BrightStack
Service Board Login

Building a Mobile Computing Security Strategy

Posted by Lou Person
Lou Person
Lou Person has not set their biography yet
User is currently offline
on Jul 08, 2011 in Cloud Journey

Part two: Who Needs to Know What

One Size Fits None
These days more organizations than should, are spending more money than necessary, on securing more resources than are practical, from more risks than make sense.  

Yes, it is true that:

  • Security breaches are on the rise.
  • There are laws to obey, standards to uphold, best practices to follow.
  • Bad things sometimes do happen to good people.


But it is also true that:

  • Statistically speaking it’s not happening as often, or to as many, as you may think.   
  • From a liability standpoint negligence is not to blame nearly as much as may suspect.
  • Legally, there may not be as much that you can do about it as you may hope.  

 

So how much security is enough?
It depends on who you are and what you do, according to an in-depth InfoWorld report [1] on the subject released in March 2011. If you happen to be the leader of the free world or Agent 007, then by all means deploy everything you can get your hands on. If not, a more practical, “who needs to know what” approach proves to be far more effective. Especially when you take these game-changing realities into account:

  • Not all information is sensitive or valuable.
  • Not all people have access to sensitive or valuable information.
  • Not all information can/should be protected in the same ways.

Here is a quick look at the four basic security risk groups InfoWorld suggests that you consider addressing (when appropriate) in every area of security planning, including your Mobile Security Strategy:

 

People who deal with routine business information
(Rarely have access to anything personal or sensitive)

  • Types of professionals: Truck drivers, graphic designers, restaurateurs etc.
  • Types of issues: Lost devices etc.
  • Types of solutions: PINS, etc.


People who deal with important business information
 (Could cause harm worth preventing, but won’t sink the ship)

  • Types of professionals: Mid-level managers, IT professionals, consultants
  • Types of issues: Access to somewhat sensitive systems, lost devices
  • Types of solutions: Complex passwords. SSL encryption, remote wipe, etc.


People who deal with sensitive business information and technology
(Can cause significant harm)

  • Types of professionals: Finance, medical, regulatory, product developers
  • Types of issues: Access to somewhat sensitive systems and devices
  • Types of solutions: Complex passwords. SSL encryption, remote wipe, access control


People who deal with top secret information and technology
(Can jeopardize lives, or national security)

  • Types of professionals: Military, government, spies
  • Types of issues: Access to extremely sensitive systems, lost devices
  • Types of solutions: Military grade encryption, discreet lockdown control

_______________

InfoWorld Deep Dive: Mobile Device Management, March 2011

0 votes
Tags: Untagged
Lou Person
Lou Person has not set their biography yet
Trackback URL for this blog entry

Comments

No comments made yet. Be the first to submit a comment

Leave your comment

Guest May 19, 2012
Reload Image

managed-services

brightstack offers a full-suite of Managed Services ideal for organizations that don’t want to maintain an internal IT department or are looking for a trusted partner to help augment internal resources.

Read More »

Upcoming Events

There are no upcoming events.

BrightStack

Sign up for our FREE seminars to learn more about putting technology to work for your orgaization. We look forward to seeing you!

Register Now »

BrightStack

Contact brightstack today to learn how our innovative technology solutions and world-class customer service can benefit your business.

GET A CONSULTATION NOW »