Tip

Mobile security services: Protecting against mobile security risks

There’s hardly any bigger challenge in IT than protecting against mobile security risks, which presents an opportunity for VARs to offer mobile security services.

A recent study by AVG Technologies and Ponemon Institute found

    Requires Free Membership to View

that 66% of respondents store sensitive information on their phones. The question becomes: just how secure are our mobile devices from loss, theft or attack?

More on mobile security services

Enterprise mobile device security best practices

Training mobile employees on protecting data and device security

Mobile security risks

One of the most important things you can do is to educate your clients about how phones and tablets are the new desktops, and how that increases their mobile security risks. Step clients through just how bad things can get when a mobile device is lost, stolen or otherwise mishandled or abused. The Privacy Rights Clearinghouse Chronology of Data Breaches has plenty of good examples. Just be careful not to push fear, uncertainty and doubt on them when pitching mobile security services. Approach this topic from the perspective of business risk. That’ll help build your credibility more than anything.

Several issues are creating quantifiable security risks in organizations today: weak or missing passwords, unsecure wireless usage and a lack of device encryption, malware protection and data backups. In addition, the bring your own device phenomenon takes away some of IT’s control over these issues. Mobile computing complexity is growing, and this complexity is the ultimate enemy of security.

Mobile security services opportunities

The opportunity to provide mobile security services is everywhere. For example, you could help with the following:

  • conducting initial security assessments to find and document the risks;
  • developing standards to ensure the proper controls are agreed upon and put in place;
  • creating policy and procedure documentation to ensure mobile devices are treated like any other business system;
  • writing contingency plans for when a security breach occurs;
  • designing, implementing and providing support for an existing mobile device management platform;
  • implementing and managing ancillary services for mobile devices, such as encryption, antimalware and data backup;
  • and conducting ongoing security reviews.

The consumerization of IT and the constant advancements in smartphones and tablets make it hard for IT to keep up and remain in control. Come up with a strategy to help your clients gain the control and visibility needed to minimize mobile security risks over the long haul. You’ll both win in the end.

About the author
Kevin Beaver has worked for himself for over a decade as an information security consultant, expert witness and professional speaker with Atlanta-based Principle Logic, LLC. With over 23 years of experience in the industry, Kevin specializes in performing independent security assessments revolving around information risk management. He has authored/co-authored 10 books on information security including The Practical Guide to HIPAA Privacy and Security Compliance and the best-selling Hacking For Dummies, 3rd edition. In addition, he’s the creator of the Security On Wheels information security audio books and blog providing security learning for IT professionals on the go. You can follow him on Twitter @kevinbeaver.

This was first published in March 2012

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.