Search
Advertisement

Business

Regulatory Resource   Threat Intelligence      Resilient IT      Boardroom Strategies      
Threat Intelligence / Strategies

The Risks of Working in a Wireless World

By Courtney Macavinta

For most CIOs the question is no longer whether their organization will employ wireless communication devices, but how employees will use them securely and effectively. The rise in use of mobile business applications -- from sales forces to field service -- means that many organizations are acquiring and deploying wireless data services at nearly the same pace as cellular voice services. It's no wonder. Between PDAs, laptops, and smart phones like the popular Blackberry, today's workforce expects to be able do its work from any place at any time.

So-called road warriors are driving the trend. Those employees who are on the road at least 30% of the time and who are spending at least $300 a month on wireless carry SmartPhones or BlackBerrys more than twice as frequently as business travelers as a whole, according to an October report by the market research firm In-Stat.

"The smart phone can take a lot of data applications off the desktop-it gets faster better coverage and it's simpler," says analyst Phillip Redman, author of the recent Gartner Inc. report How to Evaluate U.S. Wireless Data Networks and Enterprise Procurement Strategies. "With those changes, some technology risks are inherent."

Among the risks are concerns about the security of mobile data devices. These devices can be easily lost or stolen, which could compromise any sensitive company data stored on them or expose the organization's network to an intruder. Also, mobile data devices used for work tasks often are personally owned by an employee and not provided -- or maintained -- by the organization.

Robert Parker, author of an IT Governance Institute book on privacy, Information Risks: Whose Business Are They, says CIOs always need to be proactive to manage wireless devices. "People will bring their own devices into the organization -- that can increase your exposure to risks."

Here's what experts say CIOs can do to manage and secure devices in the mobile wireless world:

1. Wrangle or rogue devices "The desktop and notebook computing world are really locked down areas and are centralized and maintained," Redman says. "As these devices get more powerful and start supporting removable media-there is more information that could be at risk that's stored on these devices." Redman says the key is for IT to start standardizing not so much the models but the service platform for mobile devices. With standardized service, companies can negotiate better service contracts, get consistent terms of service contracts, and can embed security where needed. "You want to make sure the IT group is the one in charge of this versus the individual," he says.

2. Define user groups The next step is to define requirements of each user group within the organization-one size isn't going to fit all, Redman notes. "With cell phones, data service plans, and different providers, you may have to customize some of the [offerings]." He says organizations should shoot for five to six groups. For example, salespeople who are always on the road probably need a national or international data plan so they can connect their smart phone or laptop to the Internet via the service provider's hotspots around the globe. On the other hand, support staff might just need a basic mobile phone plan with text message capability to send that occasional, "I'm running late..." note from the road. IT might also want to standardize on a single device for a certain group as well. For instance, the financial services industry has to comply with regulations regarding archiving communication-so those employees may need to securely connect to an enterprise server and will need a device that enables that capability.

3.  Set a usage policy Parker says though many companies have usage policies for computers, "they need to get more specific about mobile devices." The policy should mirror the requirements for using a company laptop or internal email service, for example, and include guidelines about setting strong passwords, what communication is prohibited over the device, and limitations on personal use.

Redman says CIOs have an incentive to spearhead such policies: "They are looking to give the support and be proactive before they get burned," he says. "They are putting together policy around mobile devices and services because they are no longer toys, but valuable tools. It's not just a free-for-all."

Courtney Macavinta is a Silicon Valley-based business and technology writer. Her articles have appeared in CNET News, Business 2.0, Red Herring, Wired News, and The Washington Post. She also is managing editor of  the online program The Online Family.

CIO Strategy Center is a daily editorial resource offering innovative insights and strategies for building an integrated, secure and resilient IT infrastructure.

Articles by Topic
Spam and Viruses
Preparedness
Strategies
Related Content

Features

View More


Metrics

View More

Fast Fact

"They are putting together policy around mobile devices and services because they are no longer toys, but valuable tools."

--Phillip Redman, Gartner analyst
Sponsor Tools

Resources

White Papers

View More


Podcast Audio Content

CIO Strategy Center is now available in audio format.

This week's feature topic is:


Preparing for a Disaster
Playtime: 8 min 07 sec



Download | Subscribe

Copyright © 2009 Studio One Networks. All rights reserved.

© MMIX, CBS Broadcasting Inc. All Rights Reserved.