The integration of diverse mobile devices throughout the work environment is both inevitable and enabling. Workflows previously tied to less portable devices can now enjoy free access wherever a wireless signal allows.
But enabling access also presents security, privacy, and confidentiality concerns. Industries that rely on sensitive data such as healthcare, financial, and insurance have heightened risks and concerns. Addressing security concerns is nothing new for these industries, but mobile technologies present a dizzying array of uniquely configured, user-selected hardware and software.
It’s a good bet that the selection of phone, carrier, and apps is driven more by usability than security. Information and security officers have a thinner tightrope to walk when enabling and protecting customers.
So what to do? This white paper explores approaches to mobile security from risk assessment (what data are truly at risk), enterprise architecture (protect the data before the devices), policies and technologies, and concludes with an example of a mobile security architecture designed and implemented within a hospital environment in which both enabling caregivers and protecting privacy, integrity, and confidentiality are paramount.
- Mobile use statistics in the national market and workplace
- Mobile security issues and types of risks introduced by mobile devices
- Compliance and mobile devices, including PCI DSS and HIPAA for e-commerce and healthcare industries
- Diagrams of a PCI/HIPAA compliant hosting solution for mobile app developers
- Best practice data security tools to secure data environments
- Best practice mobile use/BYOD policies that can help establish user standards
- Outsource vs. in-house hosting for mobile app developers
- A real-life case study of implementing a compliant and viable BYOD environment by a hospital CIO