ImplementingMobile Applications

Security Policies

CIO and IT Managers need to focus on more than convenience when implementing mobile applications - Security is a key issue

CIOs and IT managers responsible for deploying mobile services need to ensure that security is clearly understood and implemented in any mobile device solution they deploy:

  1. Support multiple SmartPhones, tablets, and personal computing Operating Systems - The optimal solution supports whatever mix of mobile devices mobile users are carrying.
  2. Implement file and workspace-based security - Enforce strict access controls for individual files and for shared workspaces. Stored files should be encrypted, transmitted over SSL, and even protected if left open on a device that is not being used.
  3. Support for access to data via non-enterprise networks - While keeping data secure, the solution should enable individuals to share information securely across corporate boundary with external users such as partners and customers.
  4. Mobile Device UseSupport ancillary data with files - It is important for a mobile user to understand the context of why someone has revised data on a file. Collaborative workspaces should capture important details and make them available to all authorized users, including mobile users.
  5. Implement an enterprise approved applications store - Have a list of applications approved by the IT department. Limiting applications to those approved by IT eliminates this vector of exposure and ensures enterprise management of software updates and data tracking.
  6. Implement a secure computing environment - Many mobile devices hold personal data in addition to business data. In fact, for some enterprises, it is not enough to keep the business content secure. The secure environment should include security features, such as anti-virus scanning. It should also enable administrators to restrict file access to view-only and to scrub devices that have been lost or stolen.
  7. Integrate corporate data with cloud solutions - Data will be shared and will be put in the cloud - have a security in place before the data is move around.
  8. Implement a solution for various formats and large files - Users need to be able to share and discuss multi-gigabyte files, even if they're not downloading these files to every mobile device.
  9. Implement a monitoring process including logging - Complete visibility and control over mobile users' file access and sharing activities is needed to change content access security policies per projects and as changes occur in the enterprises.
  10. Implement records management and security which meets mandated requirements - Ease-of-use and productivity can never come at the expense of industry regulations and federal and state laws. Enterprises need to stay compliant while serving their mobile workforce.

Read on Order Security Manual Template Download sample

Other current articles:

IT Governance Infrastructure Strategy Electronic Forms CIO Policy Bundle IT Job Descriptions