Mobile security... don't get stabbed in the back!
"Et tu, Brute? These should not be your last words when you realize that your mobile phone has betrayed you as a result of a lack of security on your mobile device.
Here are some of the primary security issues surrounding mobile devices and offers ideas on how enterprises can address them:http://www.symantec.com/podcasts/detail.jsp?podid=ent_1012_Mobile
As more employees are given mobile devices, it’s been easy to say, “We need a phone for this person,” without giving a lot of thought to the costs, security, and support. A process for giving employees phones must be implemented. For example, when someone requests a mobile device, the request should be approved by a supervisor and the CIO to provide two layers of authorization. There needs to be a clear business justification for the request. Furthermore, the mobile devices should be restricted to business use, staff should be advised against connecting personal devices to systems without the approval of their immediate supervisor, and the policy should clearly delineate potential organizational risks. Finally, mobile devices can present unique security challenges. When a mobile device is lost or stolen, it may not be considered as serious as losing a laptop, but it can be depending on how the device is used. The mobile devices should all be password enabled and possibly equipped with tracking software.
My favorite presentation was regarding the evolving threat landscape. As we become more wired via mobile devices, social networking, and cloud computing, the threats continue to evolve. This was an excellent presentation: http://www.slideshare.net/symantec/evolving-threat-landscape-web-spam-bot