Mobile devices offer quick access to resources and enable electronic transactions from practically anywhere. The emergence and evolution of mobile devices have opened up a new domain of security concerns: mobile security. Mobile devices, if not properly secured, can cause great damage to the user and to the user’s organization.
Consider the following scenario: You are the manager of IT for a fast growing company. The company plans to take advantage of cutting edge technology as one of its competitive approaches to gain market share. It is planning to equip its sales people with mobile devices to take orders from customers. In addition, it is planning to enable its delivery and installation people to process credit card payments from customers upon delivery and installation of the systems, through a wireless credit card payment processing system.
The company recognizes that there are security issues related to electronic transactions using mobile devices. Every time an employee submits a transaction, the information is transferred from the mobile device to the appropriate department over an Internet connection. The company is also concerned that the personal use of company mobile devices will put them at greater risk of malware and other forms of compromise. Loss of sensitive consumer information can result in loss of reputation and potentially lead to legal actions against the company.
The Chief Information Officer (CIO) of the company has asked you to find a way to use mobile devices, in a secure way, to prevent data leakage.
For this Assignment, based on your readings and through additional research, prepare a 4- to 6-page proposal that describes and evaluates applicable security management solutions for the company. Include the following points:
Explain the security threats the employees’ mobile devices may be subjected to. For threats pertaining to electronic transactions, explain countermeasures.
Based on the best practices for mobile security, describe which of these countermeasures you believe would be most effective. Justify your choices.
Propose a security management solution that meets the business requirements. Include tools, processes, and policies required to implement the solution.