NIST Releases 2013 Best Practices for Security of Mobile Devices in the Enterprise
The National Institute of Standards and Technology (NIST) just released its latest mobile device management recommendations on how enterprises can best achieve the multiple security objectives: confidentiality, integrity, and availability. In the the Executive Summary, NIST is quite clear “To achieve these objectives, mobile devices should be secured against a variety of threats.for what organizations should implement the following guidelines to improve the security of their mobile devices.”
In this reports, NIST provides a very straight-forward set of recomendations that include:
- Organizations should have a mobile device security policy.
- Organizations should develop system threat models for mobile devices and the resources that are accessed through the mobile devices.
- Organizations deploying mobile devices should consider the merits of each provided security service, determine which services are needed for their environment, and then design and acquire one or more solutions that collectively provide the necessary services.
- Organizations should implement and test a pilot of their mobile device solution before putting the solution into production.
- Organizations should fully secure each organization-issued mobile device before allowing a user to access it.
- Organizations should regularly maintain mobile device security.
- Organizations should periodically perform assessments to confirm that their mobile device policies, processes, and procedures are being followed properly.
This is a great piece of free information on best practices with regard to security of mobile devices in the enterprise and is intended for Chief Information Officers (CIOs), Chief Information Security Officers (CISOs), and security managers, engineers, administrators, and others who are responsible for planning, implementing, and maintaining the security of mobile devices. It assumes that readers have a basic understanding of mobile device technologies and enterprise security principles.
Doug Atkinson
An entrepreneur and executive with a passion for enterprise technology, Doug founded Solutions Review in 2012. He has previously served as a newspaper boy, a McDonald's grill cook, a bartender, a political consultant, a web developer, the VP of Sales for e-Dialog - a digital marketing agency - and as Special Assistant to Governor William Weld of Massachusetts.
- How to Benefit from Moving Your ECM Tool to the Cloud - May 31, 2019
- Where are 5G Networks for Enterprises? - December 21, 2018
- Solutions Review Best of 2018: Top Network Performance Monitoring Articles - December 20, 2018
