Safeguarding Lost Mobile Devices: Risky Without Policies in Place

No one wants to go through the hassle of having their mobile device lost, stolen, attacked by viruses, or harvested for confidential data. Fortunately, two security features now available on some devices provide additional protection:

  • A threshold of unsuccessful PIN/password attempts can be set. If exceeded, the device will automatically lock itself and erase local memory.
  • The organization's help desk can send a specially formatted SMS command -- a remote device wipe -- which forces the device to automatically delete all information.

This functionality is quite beneficial unless the user merely misplaced the device -- in which case it's as useful as a pet rock. Users need to be aware of these issues -- preferably before they need to call the help desk. Companies should add the security of mobile devices to their policies and inform both their new and existing users. Here are some of the issues that messaging managers should think about:

  • Which mobile devices and OS platforms are supported.
  • Mandatory use, complexity, and timeout of a PIN.
  • Thresholds for unsuccessful PIN entries.
  • Specific information that will be deleted.
  • Delay between issuing the wipe command and actual deletion.
  • Disabling SD cards that cannot be wiped.
  • Locking out the insertion of new SD cards.
  • Re-provisioning of the mobile device and user profile after a wipe.
  • Who is permitted to perform remote wipes and under what circumstances.

... Nancy Cox (editor: Richi Jennings)

Post a comment

You must be logged in to post a comment. To comment, first join our community.