Enterprise Mobility
10 years ago I was seated in a café, next to a lady just finishing up some work, having concluded in the current session she powered down and flipped her laptop back screen and gave me a genre to have an eye on the mobile while she visited the café’s services. I quickly pointed to my friend next to me how easy it was to unscrew the HDD bay cover and a further 3 screws inside. An operation that could have taken me under a minute and I would have had the wealth of information from her HDD.
A security control will ensure while been mobile, been the need to connect to corporate while out of office, you are safeguarded from various security risks. Enterprise mobility is the trend toward a shift in work habits, with more employees working out of the office and using mobile devices and cloud services to perform business tasks ~ Tech Target
Security Controls
There are three general categories that security controls fall under; these categories are Physical, Technical, and Operational (or procedural) security controls.
Operational, sometimes called procedural, security is concerned with the creation and enforcement of policies, procedures, and also include guideline documents, such as the ones we usually sign when we join an organisation like theAcceptable Use Policy. The AUP given the scenario above may dictate that the company laptop or mobile device or data sessions must never be left unattended in a public place.
Humans being naturally naïve can be an easy target for security breach.
All it requires is to study the operational security of the company and use the operational understanding loopholes.
Luckily today, following up on the above scenario, hard drives and memories for security reasons are now located deeper inside the device with mobility characteristics. Data mobility access are more strict, Tablets are even harder to physically open. Users when not encouraged are enforced to implement password or patterns authentication that lock the screen few seconds away from a point of inactivity, sign up for policies that can remotely wipe the mobile device in the lost incidence.
Physical Security Concessions
While the physical and environmental security programs refer to numerous occasions we can limit ourselves to the devices with mobility. And these could be the various measures or controls that matter and will protect organisations’ information seating on the equipment. A loss of connectivity to the mobile processing caused by theft which may result in an unauthorised access and the subsequent threats and/or vulnerability. Intentional destruction by disgruntled employees, mechanical equipment failure while on-the-go.
Therefore, physical security measures should be sufficient to deal with foreseeable threats and should be tested periodically for their effectiveness and functionality. Physical security of the on-the-go and data or device mobility is demandable as the devices will operate away from one station and point.
Each point of operation is a varying character posing a risk to security breach.
By all means limit the physical access to the data on the cloud and mobile device to reduce the security threat.
"It is important to remember the fact that no security app or set of guidelines can ensure total security for a mobile phone device. Even devices that are fully secure today may not be so tomorrow. Individuals who share or access sensitive information from a mobile phone device should keep this point in mind." Says IT Security
No comments:
Post a Comment