This page contains a Flash digital edition of a book.
Keeping Tabs on SECURITY


USE THESE BEST PRACTICES TO STEP UP


10


BY LISA PHIFER A


DOPTION of tablet devices by business users has been astonishingly quick, taking some IT departments by surprise and [making them


wonder] what to do about tablet security and support. To some extent, tablets can be treated like smartphones with the same mobile operating systems. But tablets are not just big flat smartphones—they tend to be used differently and thus pose some unique challenges of their own. Here we’ll discuss how to mitigate those risks.


Good Enough for Smartphones =


Good Enough for Tablets Companies that rely on corporate-standard phones


to ensure security will have more trouble embracing tablets. Employers may procure tablets for specific use cases, but this alone will not address all tablet demands. Instead, IT must facilitate safe business use of many different employee-owned tablets. Companies that are already securing employee-liable smartphones can start by applying smartphone mobile device security policies and practices to tablet security. The most important of these include: J Device lock: If a tablet is lost or stolen, enabling


native device authentication (PIN, password, pattern) can reduce risk of application, data, or connection misuse. All contemporary tablets support this practice, although strength and enforcement vary. J Anti-theft measures: Many tablets support remote lock or data wipe to stop missing tablets from being


misused—including those owned by former employees. While such measures are readily available for tablets, policies must be defined. For example, workers may be asked to consent to remote wipe and back up their own personal data. Employer use of tablet “find me” services can also raise privacy concerns. J Over-the-air encryption: All contemporary tablets


can secure Web and email with SSL/TLS, Wi-Fi with WPA2, and corporate data with mobile VPN clients. The primary challenge here for employers is proper configuration and enforcement, as well as protecting credentials and configs to prevent reuse on unauthorized devices. J Stored data protection: Hardware and mobile OS support for stored data encryption varies. However, self- protecting apps are readily available for tablets, such as email apps that store messages, contacts, and calendars inside encrypted containers. Some employers find self- protecting apps preferable, because they insulate business data from personal data, making it easier to wipe the former without the latter. J Mobile application controls: Contemporary


mobile operating systems employ code signing, data caging, and feature restrictions to deter malware. Nonetheless, many downloaded apps require access to sensitive data and features, and employers may have little or no control over app installation. Centrally enforced restrictions and blacklists are still emerging for tablets; consider this more of a stretch goal than best practice today.


WWW.MOREDIRECT.COM


VOLUME 3 • ISSUE 2


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36