/dq/media/agency_attachments/UPxQAOdkwhCk8EYzqyvs.png)
Follow UsFor the past couple of years, the mobile computing has indeed assumed prominence at the enterprise level, which obviously increases the agility of the organizations to react faster to the market. While this brings lot of competitive advantage to the business, it poses serious threats to the enterprise information assets. CIOs or CTOs of today face the challenge of preparing right information security (IS) policies for accommodating the mobile computing gadgets of today. These gadgets bring lot of complications to the business. Losing these gadgets or the memory sticks is simpler, and the impact to the business is loss of business data, which is costly.
In our organization, we get certified for Information Security Management System (ISMS) for some critical business services through ISO 27001 and SAS 70. We are also audited by a few of our clients for some services, specifically for information leakage possibilities. This ensures to a great extent that IS processes are near foolproof. We focus heavily on IS, and we educate our management and members continuously, on the need to control information access.
/dq/media/post_attachments/02b639520d43c3608741f0aa530573c707f81d38bd35a57f5accfd0cdbed1579.jpg)
Basically our organization has strong commitment and conviction towards information security, and we have a strong internal strategic IS team to evolve and implement these policies as and when the environment demands. Our IS administration is centralized, and we conduct vulnerability assessment and penetration testing once in a quarter both at perimeter and internal level.
Some of our thought process is to mitigate this risk of mobile computing including provisioning of closed user network data card for mobile users, so that organization IS protections are extended to the workers on the move as well. The mobile technology is currently dynamic and under evolution. We hope the security systems will mature in the days to come, when the mobile computing settles down.
In the future, we have very little choice of not permitting the mobile devices, which will become essential devices for the people in order to stay connected with the business. One way to counter the risks arising through these devices, is to do a physical audit on these assets periodically to ascertain the traffic and the usage. Another way is that encryption software may be deployed at all end user gadgets, which will ensure that the data is not sniffed even if the gadgets are lost or stolen.