What do you worry about if your laptop is lost? Are you afraid you can't find it? The device itself is of course very important, but the data stored in it, such as passwords, bank accounts, and confidential company documents, is the most important, because these intangible things may involve greater economic benefits.
Fortunately, enterprises can take some simple measures to protect data security on mobile devices. Here we will explain one by one:
1. First, policies and policies
This may sound a little unconventional, but it is the most important. A solid and clear policy is the basis for a good response to any security problem. It should be effective to reach all risk owners. To let users know and understand which practices are appropriate and beneficial to the company's information assets and which are inappropriate and harmful, we should also be clear about the consequences of not following these policies and policies.
2. Identify where the data should exist
Knowing things is half done. It is unclear that the assets you own cannot be protected. If an enterprise has processed sensitive data, we will find that, employees may store them in laptops, desktop devices, CD, floppy disks, USB flash disks, and any other storage devices that may come to mind. Employees should also be aware of and truly do this: they should not only be responsible for knowing where the data exists, but also clear unnecessary data in a timely manner according to the data retention policy of the enterprise.
3. encrypt data on mobile devices
Do not let thieves steal your "book" as a clue to greater financial losses. Encryption technology can help you mitigate this risk. One solution is to use the entire disk encryption product, which allows you to use a boot password to protect the content on the entire hard disk. However, it should be noted that if the device is in the "suspended" status and is not "shut down", this layer of protection will become invalid. However, in general, the combination of application-layer encryption and full-disk encryption technology for sensitive data should be a good choice.
4. Use standard security control measures on mobile devices
This may sound a little too simple, but many mobile devices do not adopt strict security control as desktop computers do because they are worried about conflicting operations with mobile users. Considering that mobile devices are more likely to be stolen or connected to dangerous wireless networks than desktop computers (because desktop devices are usually under several layers of peripheral protection ), users should apply the same or more robust security measures to mobile devices. Make sure that these devices have the latest firewalls, Patch Management, anti-virus and anti-spyware.
5. prevent administrator passwords from falling into the hands of common users
In most cases, a common user has no reason to have an administrator account on the company's computer or network. If enterprises provide such access, it is equivalent to asking for trouble, because it makes it easy for common users to use mobile devices to disrupt security control during the journey, although this is just an accidental problem.
6. Security Control covers all mobile devices
Remember that a laptop is not the only device that leaves the office with confidential information. The PDA devices such as BlackBerry and Treo and smart phones used by senior management personnel and online office staff are also important targets of identity theft. Therefore, it must be included in the enterprise's protection plan.
Some companies have taken strict measures. Generally, it is not necessary to completely clear mobile computing devices to protect the security of the organization. Implementing these controls will help enterprises build a secure foundation for mobile computing.