Six Reasons Why a Device Management Policy is Important

This post is part of  Skyen’s Guide to Small Business Technology

One of the biggest vulnerabilities in the wild today exists with mobile devices such as laptops, phones, and tablets.   According to the 2016 State of the Endpoint Report published by the Ponemon Institute, an independent privacy, data protection and information security research organization.

ZDnet does a great job of summarizing the report’s findings, “…its 2016 survey report reveals some telling insights about enterprise mobile security – many of them clearly driven by the BYOD [Bring Your Own Device] trend of recent years.”

“Mobile devices are a particular headache for IT security professionals, because they present a bigger attack surface than PCs residing (relatively) safely within the corporate firewall, for several reasons: mobile devices can be lost or stolen; mobile operating systems generally have less enterprise manageability heritage than desktop OSs; and wireless communications – be they wi-fi or cellular – can be intercepted,” explains Charles McLellan from ZDNet.

So, what can you do to minimize your risk? Develop a solid mobile device or BYOD policy designed to protect your organization’s technology infrastructure and sensitive data. Here are 6 considerations when building your policy:

1. Device Coverage – Your policy should include any & all devices owned by your employee or your organization.  Even employee owned mobile devices should be included.
2. User Coverage – Your policy applies to all employees, including full and part-time staff, contractors, freelancers, and other agents who use a mobile device to access, store, back up, or relocate any organization owned data, including emailMobile Devices – Mobile devices with access to organization owned data or email must be protected by a pin, which should not exceed a 15 minute timeout window.
3. Lockdown – Permissions  and access control of all devices should be centrally managed by the organization’s IT department or manager.
4. Devices should only access the organization’s network and data through the Internet using a secure connection, such as a Secure Socket Layer (SSL) Virtual Private Network (VPN) connection.
5. Using a mobile device as a wireless hotspot should be prohibited while the device is connected to the organization’s network.
6. To help keep your policy intact, consequences for failure to comply to protocols should be included in your policy. (write up, loss of access, etc.)

Skyen can help you develop a mobile device policy so your employees can be productive wherever they work, on whatever device they choose, while minimizing the risk to your network and data.  Get in touch today!

This post is part of  Skyen’s Guide to Small Business Technology