Smartphones are easier to lose than laptops. Here are some tips to keep your corporate data safe. Smartphones share many of the same risks of laptops and are easier to lose. Ajit Arya, deputy CIO for Arlington County, Va., supports both BlackBerrys and iPhones and is working to tighten its policies for managing them. “We have taken some basic steps,” he says. For example, one recommended best practice is to require passwords. So far, the county has told employees they can set passwords but has not tried to enforce it as a requirement, Arya says. The storage capacity of smartphones is growing—and vulnerable. “Your corporate secrets are at risk and will be for a long time,” says Jonathan Zdziarski, author of iPhone Forensics. Zdziarski says these phones typically leave deleted information in a recoverable state. And some phones now pack gigabytes of storage. Arya says Arlington County addresses this with the ability to wipe phones clean by remote control if they are lost or stolen. To read more on this topic, see: Simple Steps to Hack a Smartphone and IPhone OS 3.0 Adopts Some BlackBerry-Like Security. Wiping data remotely may not be sufficient. Zdziarski says an information thief can prevent the data wipe command from getting through simply by pulling out the Subscriber Information Module—or SIM card—that mobile phones require for network access. He recommends routinely pruning the data stored on a phone with iErase (for the iPhone) or Data Wipe (for the BlackBerry) to prevent months worth of corporate e-mail and other data from accumulating on the phone. Smartphones need to be managed like PCs or laptops—a recurring theme in Gartner analyst John Girard’s list of “10 Smartphone Security Failures You Want to Avoid.” “Companies that do not run a configuration management process will be unable to ensure that their phones are up to date on OS, application and security patches, synchronization and any other desired company policy,” he writes. You need a plan for managing smartphone diversity. Girard recommends establishing one or two devices for full corporate use and possibly a second tier for minimal access, such as e-mail only. Many organizations wind up providing “concierge” services to a CEO or other big shot who insists on using a nonstandard device. Just make sure those who force such exceptions are willing to pay the additional costs for networking and support, Girard suggests. Related content brandpost Sponsored by SAP When natural disasters strike Japan, Ōita University’s EDiSON is ready to act With the technology and assistance of SAP and Zynas Corporation, Ōita University built an emergency-response collaboration tool named EDiSON that helps the Japanese island of Kyushu detect and mitigate natural disasters. By Michael Kure, SAP Contributor Dec 07, 2023 5 mins Digital Transformation brandpost Sponsored by BMC BMC on BMC: How the company enables IT observability with BMC Helix and AIOps The goals: transform an ocean of data and ultimately provide a stellar user experience and maximum value. By Jeff Miller Dec 07, 2023 3 mins IT Leadership brandpost Sponsored by BMC The data deluge: The need for IT Operations observability and strategies for achieving it BMC Helix brings thousands of data points together to create a holistic view of the health of a service. By Jeff Miller Dec 07, 2023 4 mins IT Leadership how-to How to create an effective business continuity plan A business continuity plan outlines procedures and instructions an organization must follow in the face of disaster, whether fire, flood, or cyberattack. Here’s how to create a plan that gives your business the best chance of surviving such an By Mary K. Pratt, Ed Tittel, Kim Lindros Dec 07, 2023 11 mins Small and Medium Business Small and Medium Business Small and Medium Business Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe