Lisa DuBrock, one of this website’s contributing editors, recently submitted smart phone security to our staff as a topic to be mentioned again for re-focusing awareness by our readers to the need for constant improvement in controls of information security regarding both corporate confidential information as well as the privacy rights of those individuals employed by those same organizations.
As Ms. DuBrock states, “… as I mentor and assist the internal security control audits for many of my clients…so many of them continue to always ask me questions about smart phone security. Many are small businesses where their employees utilize their personal smart phones to access corporate email, calendars and other information that is simply not for public use. Those businesses are worried about what would happen if the phone is lost, stolen, etc. As a result I am always trying to research and benchmark any cybersecurity best practices regarding protection against a breach of confidential information — especially those involving the use of smart phones that can access corporate information over the internet. ”
Recently, Ms. DuBrock noticed an article written by Eric Chabrow, Executive Editor, and which was posted on the GovInfoSecurity.com website. This article claimed that state employees in Delaware who want to use their own BlackBerries, iPhones and Droids to access government servers can do so —- but, must follow stringent security rules that could result in the loss of all of the data – government generated and personal – from their smart phones if those devices are deemed a threat to state information systems.
Ms. DuBrock went on to state, “…when I saw this solution from the State of Delaware, I was attracted to its simplicity, and, then I wondered if this solution would be relatively easy for any size business to duplicate? After all, it did seem to indicate that a combination of employee authorization and corporate software applications might well be a way to take the anxiety and risk out of giving employees access to corporate email…”
Click here to read the entire article referenced above, and tell us what you think….
And, if you found this information valuable, please pass it along to those information and network security, privacy rights advocates and risk management team members in your organization.