Mobile Security

This post is courtesy of Correct Field Technician Derek Tse


As the consumer market explodes, their are many devices like smartphones and tablets which has emerged to help businesses communicate easily and enhance productivity. From being able to reply to emails on the phone, to comparing prices or data on your tablet or to accessing the company network via your laptop.

As a business, do you have…

  • A security plan/policy for your mobile devices?
  • A way to track, disable and wipe your mobile devices?
  • Do you allow your employees bring their own devices?
  • Do you also have a way to screen employee’s devices which has access to the company data?

While there are many good points to using mobile devices, one point that must be address is how do I secure my company data without losing the benefit of been mobile? This is a very important question now days as smartphones and tablets are everywhere, Internet access is getting affordable and it is becoming a must to stay competitive in the business.

Let’s have a look at how we access and defend our company data…

Mobile phones/tablets

There are 3 major mobile operating systems that you can use…

  • Apple iOS
  • Google Android
  • Microsoft Windows Phone 8 / Windows 8 RT

All three can access email via Microsoft Exchange ActiveSync or access your company network via VPN to access files or running a mobile application. Both Apple and Google use the same operation system for both their phone and tablets, while Microsoft has enlisted a cut down version of Windows 8 called Windows 8 RT for their tablet range.


Already there are inbuilt security features in all of these devices which are listed below…

Remote Lock Remote Wipe Alarm/Play sound Find My Device Backup
Apple iOS Yes Yes Yes Yes via iCloud
Google Android No No* No No via google account
Microsoft Windows Phone 8 / Windows 8 RT Yes* Yes* Yes* Yes* via Microsoft account

Out of the box, Apple and Microsoft Windows Phone 8 has a complete full security set without exchange’s security feature enabled. Google Android and Windows 8 RT have a limited security set or no security. What Microsoft has put in place since Exchange 2007 is the mobile security policy. The security policy allows you to maintain the mobile devices by enabling or disabling certain features. The two major features you do want to have enabled is the remote wipe and enforce password, this will ensure your devices are not easily used by non-company staff and give you security in the event of being lost or stolen.

So far with the mobile security policy from Microsoft Exchange, you have some control of your mobile devices. But, there are still areas that you don’t have full control like…

  • If there are SD cards (memory card), do they get wiped when I send the remote wipe command?
  • Can I locate my mobile device on a map and sound an alarm?
  • Can I remotely lock the phone to deter the usage of the device if lost or stolen?

With this in mind, you will need to utilise 3rd party management software to complete the lockdown and monitor of all mobile devices. There are many management software out there but what you need to look for is…

  • Complete remote wipe of all device’s storage area including SD cards.
  • Remote locking of device.
  • Ability to map where the device is located.
  • Single management console.
  • Can be install on various mobile devices.
  • Licensing – whether it will be on a per user or per device model.

The last and final hurdle you will need to complete is the company’s written policy on mobile devices and employee’s devices access company data. While it is all well and good to wipe, monitor and lockdown if the mobile devices is company own, it is another matter (legally) if the device is not own by the company.

Please make sure that your employees understand (verbally and in writing) that the company does have responsibility of securing the company data and if they are to use their own devices for work, the devices will need to be screened, monitored and if the situation arises the device to be wiped cleaned.