Comments
Uncle Sam Wants To Secure Your Smartphone
Newest First  |  Oldest First  |  Threaded View
Tom Mariner
50%
50%
Tom Mariner,
User Rank: Strategist
7/23/2012 | 1:11:17 PM
re: Uncle Sam Wants To Secure Your Smartphone
This discussion is like the one now going on about healthcare -- Trillions of dollars of protection and the benefits largely missing from the conversation. (In the case of medicine, its called "the patient". $50,000 per patient record possibly, maybe exposed, and not much penalty for killing a guy because of bad or missing data.)

Yes, it is possible to squeeze total financials, business plans, damaging emails, etc. through a mobile computing device. Yes, it is much easier to misplace a phone than a desktop or mainframe. But BYOD also brings amazing new ways of empowering workers of all types and levels. My new S3 forces me to accept remote wipe, complex passwords, and some encryption as the price to connect to my Exchange. Don't ignore the security issues, but at least include the dramatic new ways of sharing data and a command structure whose benefits to the corporation may mitigate something less than a hard-wired Ethernet cable.

And the price savings that hundreds of millions of workers just handed IT instead of company-owned stupid E-mail-only Blackberries at $500 apiece.
Andrew Hornback
50%
50%
Andrew Hornback,
User Rank: Apprentice
7/20/2012 | 2:54:49 AM
re: Uncle Sam Wants To Secure Your Smartphone
As a set of baselines for organizations to follow, this is a great starting point.

Being in a position where I'm responsible for setting and implementing mobile device security policies, there's absolutely no way that I would allow a rooted or jailbroken device on my premises, much less on my network. There's too much risk associated with these devices and I'm not comfortable with the idea of my organization assuming that risk. I'm not aware of any reasonable business case out there that would change that stance.

The only reason that I can see to do something like that would be if I was involved with an organization that rolled its own mobile OS patches or even operating systems and implemented them on COTS hardware. Don't see that happening anytime soon, however.

Andrew Hornback
InformationWeek Contributor
Andrew Hornback
50%
50%
Andrew Hornback,
User Rank: Apprentice
7/20/2012 | 2:47:49 AM
re: Uncle Sam Wants To Secure Your Smartphone
I think what the NIST paper is trying to get at is that in order to make appication and enforcement processes as homoegenous as possible across various platforms, that the directives in a security policy for mobile and non-mobile platforms should be as homogenous as possible as well.

Andrew Hornback
InformationWeek Contributor
EVVJSK
50%
50%
EVVJSK,
User Rank: Apprentice
7/19/2012 | 8:06:55 PM
re: Uncle Sam Wants To Secure Your Smartphone
"To the extent feasible and appropriate, the mobile device security policy should be consistent with, and complement, security policy for non-mobile systems,"

Mobile is inherently different that non-moble. Hopefully what was meant was to compare it with previously existing mobile system (such as laptops) which have been around for some time (device encryption, password protected unlock, communication encryption, etc...)


Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 7, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program!
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.