Security+: Top 3 Tips to Deploy Mobile Devices Securely

2
112

One of the best certs is the Security+ because it’s an entry-level type of credentials, which a Cybersecurity enthusiast or specialist can obtain. It covers a wide range of topics:

  • Perform a basic survey of cybersecurity threat landscape.
  • Overall understand of different legislation’s, laws, mandates (as well as ones which enforce and are in existence in the cybersecurity).
  • Deploy and configure security applications.
  • Fundamentals of principles: Availability, Confidentiality and Integrity.
  • Awareness of up-to-date and latest cyber thread tools.
  • General concepts behind network infrastructure installation and design.
  • How to respond to Cyber attacks with the appropriate and right countermeasures.

Mobile devices have become part of our life, society and workplace – deploying such devices is very important for the individuals and businesses, government agencies and corporations, as well as other entities. The topic which are covered by the Security+ cert are relevant to mobile devices.

For example:

  • Mobile devices have become an important and prime target for cyber-criminals and cyber attacks. It is of paramount importance to understand the risks and threads, and also how to combat them.
  • These type of devices have become part of our corporate networks, as employees log in from their Smartphones to access shared files within the corporation.
  • For example, in the healthcare industry, employees use their mobile phone to access patient information, which is confidential. Thus, understanding the federal laws is very important, especially that of HIPAA.

How to Secure Mobile Devices in Your Environment: Security+

In the following section we would like to outline the major steps and key strategies which a Security+ cert holder can take, in order to secure mobile devices within their organization.

1. Implement a Mobile Device Security Policy

It should include the following and it should be part of the Security Policy for corporations and businesses:

  • How software upgrades or patches and firmware should be installed on the smartphone and mobile devices, and also the frequency of checking the upgrades via the wireless vendor’s site.
  • How Mobile Device Management software can be installed and configured on the device and on the sync server.
  • Specific types of resources one user can access via mobile device.
  • The degree to which mobile devices can be used to access these resources remotely

2. Create a cyber threat model landscape

By creating and designing a thread model landscape, the organization will have a good understanding of it from a visual point-of-view. The fact remains: employee negligence is the weakest link in the security chain.

3. Test your mobile security policy and threat landscape before adding and implementing it

Before you implement the policies, it is important to evaluate them in a test environment to see how they will work in a real-world environment. I will list a few examples below:

  • Check the functionalities of the mobile apps which will be installed and used on the wireless device.
  • The connectivity of the wireless devices that will be issued to each employee
  • Making sure the wireless device which you are acquiring is very difficult to jailbreak or root.
  • Check the performance of each wireless device
  • Make sure the devices will not accidentally revert to vendor settings

2 COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.