Smartphones | Security Management Practices and Controls
Suitable management practices are indispensable to maintaining and operating a secure infrastructure that integrates smartphones and PDAs (personal digital assistants).
Security patterns implicate the identification of an organization’s data system assets and the development, documentation, and implementation of policies, procedures, standards, and guidelines that help to ensure the integrity,confidentiality, and availability of data system resources. To guarantee the security of the security infrastructure, the succeeding practices should be applied for handheld devices:
- Configuration control and management
- Risk assessment and management
- Organization-wide information system security policy
- Security awareness and training
- Certification and accreditation.
Organizations should assure that handheld devices are deployed, configured, and managed to conform to the organizations’ security necessities and targets.
Numerous security consequences can be avoided if the devices are configured appropriately.
The overarching principle is to establish exclusively the necessitated capabilities and services and to eliminate known vulnerabilities through patches, upgrades, and additional safeguards. Default system and application settings may emphasize features, functions, and simplicity of utilization, at the expense of security.
Administrators should configure devices to reflect their organization’s security necessities and reconfigure them as those necessities change, because producers are not informed of each organization’s security needs. Utilizing security configuration guides or checklists, when available, can help administrators in securing systems consistently and with efficiency.
Smartphone| iPhone EDGE 3G
Securing a mobile phone or PDA (personal digital assistant) would usually include the succeeding steps:
- execute security testing.
- Install and configure extra applications that are required
- implement available upgrades and critical patches to the operating system
- Disable or eliminate unneeded services and applications
- Configure access controls and user authentication
- Configure resource controls
- Install and configure additional security controls that are required, including remote content erasure, antivirus, firewall, content encryption, intrusion detection, antispam, and virtual private network (VPN) software
10 Responses to “Smartphones | Security Management Practices and Controls”
Why is better a visual login technique better than textual passwords ?
Because by its very nature avoids dictionary attacks.
What is the Future of Mobile Security ?
In the near future the mobile devices would need the same protection as personal computers, because more and more people are using smartphones and PDAs to store sensitive information and a new wave of spyware and malware will bee unleashed on handheld devices.
Already security firms like Kaspersky are releasing security suites for handheld devices.
Mobile Security and M-Commerce ?
Until recently, this has not been as high-priority, but at this moment and in the future M-commerce will be one of the leading methods companies and people across the world transact business.
It will be necessary very secure M-commerce using encryption,digital signatures and virtual private networks.
How can a mobile Viruse affect my phone ?
1) can delete or alter all the contact details.
2) it can compromise your applications by modifying them and installing Trojan (for example keylogger).
What is mobile banking ?
It is online banking using your smartphones or PDA.
interesting post
a very good article about Smartphones | Security Management Practices and Controls