Network Trace
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

27) Does your organisation technically enforce security controls on mobile phones and tablets before allowing access to company data or services?

August 30, 2022

Answer yes if your organisation requires technical enforcement of security controls on mobile phones and tablets before access to company data or services is granted. For example, this could be done through the use of MDM (Mobile Device Management) software. In the notes, please describe the nature of the controls, the method of enforcement and any related processes.

If your organisation allows its employees to access business data or services through their mobile devices (whether company provided or through a BYOD model), this must be protected with technical controls such as through the use of mobile device management (MDM) software. MDM software can achieve a number of business goals, but from a security perspective the key controls include:

  • ensuring all devices have a pin based or biometric based lock with a reasonable lock out time enforced;
  • ensuring all devices are encrypted;
  • allowing devices to be remotely wiped if stolen or lost;
  • controlling the download and installation of applications;
  • controlling the transfer of data on and off of the device, as well as between secure areas on the device.

MDM software could be third party software or could be already be built into the devices operating system (for example, if your organisation uses G Suite for Business you can enforce MDM policies through the G Suite Administrator portal).

How to implement the control

There are a number of ways to enforce technical controls across your organisation's mobile devices.

For small and medium enterprises who use G-suite, you can enforce MDM policies and features through the Google Administrator portal. Here you can enforce screen locks, application whitelisting, and remotely wipe any devices that are lost of stolen.

If your company uses a different solution to manage its users and email services you may want to check if the solution includes built in MDM features.

Your company may also choose to use a third party vendor solution to implement MDM features across its mobile estate.

If you would like to contribute to this article or provide feedback, please email Contributors will be recognised on our contributors page.

Pattern Trapezoid Mesh

Defend against supply chain attacks with Defend-As-One.

No organisation is an island.