Mobile Device Security

Mobile Device Security

  • Company Confidential Data should be stored in an encrypted container.
  • The mobile device should only retain minimal data required to support business processes and functionalities.  Data should be transferred to the server for permanent storage using secure protocols.
  • Application cache should be purged once the application exits or after a fixed period of inactivity.
  • Application backgrounding should result in the presentation of a screen which do not display any sensitive information.
  • A Mobile Device Management (MDM) solution such as Blackberry GOOD should be used to manage applications deployed to company staff.
  • MDM should support remote wipe of the application data container and processes and policies for remote wipe should be set.
  • Company deployed applications should be password protected based on the company’s Password Policy.
  • Application should be locked after a specific period of inactivity.
  • Application data container should be wiped off after a certain number of successive unsuccessful login attempts.
  • Use of company applications should be supported by the Company’s Mobile Device Security Policy.  Consent of the users to the policy should be captured and recorded.
Mobile Device Security

Leave a Reply

Your email address will not be published. Required fields are marked *