¶ … advances in technology have transformed the way that firms are addressing security related issues. This is because most devices have become much smaller and they are often focused on providing users with remote access. As a result, these kinds of platforms are a potential danger to all organizations. ("Guidelines for Securing Mobile Devices," 2012)
Evidence of this can be seen with observations in a report prepared by Stanford University which said, "Mobile computing devices can store large amounts of data, are highly portable and are frequently unprotected: they are easy to steal or lose, and unless precautions are taken, an unauthorized person can gain access to the information stored on them or accessed through them. Even if not stolen or lost, intruders can sometimes gain all the access they need if the device is left alone and unprotected, if data is 'sniffed out of the air' during wireless communications, or if malware is installed. The results can include crippled devices, personal data loss, disclosure of non-public University data, and disciplinary actions for the device owner." These different areas are showing the challenges of shifting platforms. In the future, these issues will become a major threat that must be continually dealt with on a regular basis by all corporations. ("Guidelines for Securing Mobile Devices," 2012)
As a manager, how would you plan on securing organizational data?
In order to address any kind of security issues; requires that an all-encompassing approach is utilized. This will be accomplished by focusing on a number of different areas that will improve the total amounts of protection. These include: conducting regular training, encrypting all data, having back up procedures in place and rotating the SSH regularly. The combination of these factors will work in correlation with each other to address a host of challenges. Once this takes place, is when the firm will be able to adapt and evolve with new threats. This is the point that the underlying risks will be dramatically reduced. ("2011 IT Security Practices," 2011) ("Enterprise security best practices," 2011)
In the case of conducting regular training, there needs to be an emphasis on understanding the threats facing the company and identifying potential solutions....
The best way that this can be achieved is through knowing the environment. This means analyzing the possible weaknesses and threats. Once this happens, is when personnel must create a protocol that will address these challenges. ("2011 IT Security Practices," 2011) ("Enterprise security best practices," 2011)
After this occurs, is when effective training must be conducted on a regular basis. This will take place at least once per quarter through a series of workshops and practical examinations. This will teach staff members about possible early warning signs of security breaches and how to effectively respond. When this occurs, employees will serve in a role of monitoring and identifying any kind of possible issues. ("2011 IT Security Practices," 2011) ("Enterprise security best practices," 2011)
It is at this point that the underlying threat can be isolated. Every quarter, this training will be continually updated to reflect new threats and how to deal with them. If this kind of approach is used, it will increase the total number of people monitoring these issues (which will have an impact on the firm's ability to mitigate these challenges). ("2011 IT Security Practices," 2011) ("Enterprise security best practices," 2011)
The encryption of all data is when any kind of sensitive information is available only to the end users. For those individuals who are seeing this information over a mobile device, these services are often unavailable. This is because the majority of data is not protected in the same kind of format as a secured network (thanks in part to the cloud applications that are being utilized). To address these kinds of challenges, all firms must have a third party provider that will encrypt all data. This will make it more difficult for hackers to view sensitive information that is being transferred from the server and the mobile device. ("2011 IT Security Practices," 2011) ("Enterprise security best practices," 2011)
Having back up procedures in place is looking beyond the common solutions that are often utilized by firms. What normally happens is most firms will have some kind of certificate of authority (CA). This is an application that is designed to provide added assurances about the safety of using a particular platform. ("2011 IT Security…
