Small and Medium Business (SMB) can really benefit from mobile readiness.  Beyond the obvious reasons (the idea of “readiness” and a paired security posture hardly needs to be sold), the SMB market can capture and leverage a whole population of assets that essentially have no overhead.  No TCO, no appreciable Time to Value (TtV); they’re here now, in that they’re often owned and maintained by people as personal assets:  Things such as smartphones and laptops.

Of course, often enough these devices are provided by SMB too, as tools of any particular job; but there does exist a ready population that can be exploited – and that must be protected.

Whatever devices (and associated users) desire to access your data, systems, and tools – you must take inventory and qualify access before you greenlight it.  Assess whether a particular user really needs remote access – is it going to be an efficient enhancement to work?  Will it be productive?  Does supervision agree that access is desirable?  Is a strong case being made?

Then the risks can be weighed against the benefits – and there are always risks.  Mobile devices will harbor sensitive data – and that data can easily be lost.  Also, mobile devices transmit updated data back into your central repositories – on your network:  filestores that represent the content feeding your mission critical applications.  Things such as the organization’s sensitive financial information; customer databases and records, sensitive correspondence – you name it.  You must ensure sourced mobile data is healthy, accurate, and whole.

Mobile devices also represent a portal through which malware may enter the organization.  Therefore, an entire regime of recurring user education is necessary, and a standard schedule for review of devices for compliances and updated protections for malware, etc., is absolutely essential.

When devices are lost, it is imperative that users alert IT – lost devices can allow unauthorized access to the network; IT must immediately bar a device’s ability to access upon loss.  And while on that subject, beware devices that have unsecured remote access – that is, no password or stored password, allowing the “greased entry” upon a simple switch-on of the device. 

Let’s keep rolling on this…

NP:  The “In” Crowd – The Ramsey Lewis Trio, jazz24.org.