Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity
    • IT Management
    • Mobile

    3 Smartphone Security Considerations for Enterprises

    By
    Brian Prince
    -
    April 16, 2009
    Share
    Facebook
    Twitter
    Linkedin

      From the iPhone to T-Mobile’s G1, smartphones have become pervasive in today’s enterprises.

      What are not always pervasive are sound security practices for controlling them. While malware for mobile devices is not especially widespread, hundreds of unique pieces of smartphone malware such as -Sexy View’ have been identified. Then there are the hacks.

      In a demonstration, Trust Digital showed how it was possible to use an SMS control message to silently change the phone’s configuration, for example, turning off security settings for e-mail transmission such as SSL. With all this in mind, here are a few things enterprises should consider when it comes to smartphone security.

      1. Take a Business-Centric Approach to Planning

      Philippe Winthrop, an analyst with Strategy Analytics, said businesses need to know how many smartphones they have and what they are being used for. “Go through and use cross-functionality teams … within your organization to understand what the line of business is going to want to do with these solutions, but make sure of course that it’s going to play nicely with what the IT department needs to do.”

      2. Develop a Configuration Plan

      In a report titled “Q&A: 10 Smartphone Security Failures You Want to Avoid,” Gartner analyst John Girard noted that any system that lacks a known, trackable and updatable configuration is impossible to properly manage, secure and support. The result is users handling troubleshooting and modifications on their own, which can in turn open up its own set of worms if their changes make the device less secure, he wrote. When it comes to planning operational requirements, smartphones should be treated like PCs, the report continues.

      “When companies move to personal liability phones, or tell people to use their personal phones at work, serious vulnerabilities arise if the company does not at least have a plan for managing diversity and controlling exposures,” Girard told eWEEK. “Ideally, companies would still invest in centralized management consoles for phones and take policy control of personal phones whenever possible.”

      3. Set Sound Default Browser Permission Rules

      One of the main doors malware walks through to get on a system is the browser. “Today’s smartphones increasingly include more fully functional browsers that are quickly moving toward a level of functionality rivaling that of desktop versions,” said Scott Crawford, an analyst with Enterprise Management Associates. “Considering that attackers increasingly focus on both Web applications and the vulnerabilities not only of browsers but of their many multifunctional add-ons, this increases concerns that mobile devices may add to the Web and browser attack surface already highly targeted.”

      Gartner recommends setting conservative companywide security policies, disallowing Java applets and scripts and regularly cleaning up the browser cache.

      Doing all this, however, depends not only on how much control enterprises want over the devices, but how much they can actually have, Crawford said.

      “In the iPhone’s case, for example, on-device control [a management agent, for example] is limited by what Apple is willing to make available via the App Store,” he said. “Otherwise, the customer must either consider ‘jailbreaking’ the phone-not an option in the typical enterprise-or considering an off-device alternative. … Other than that, organizations may want to deploy solutions that enable a secure ‘wipe’ of information from a lost or stolen device-whenever it connects to the network, for example.”

      Brian Prince
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×