Mobile Device Policy

A Mobile Device Policy should inform your users what is acceptable when using mobiles phones, tablets or other mobile devices either company or private owned.

The Mobile Device Policy should include:

  • Use of corporate managed devices
  • Use of personal, unmanaged devices
  • Security requirements for mobile devices

Mobile devices, either corporate owned or 'Bring Your Own Device' (BYOD) should always be encrypted and protected with at least a PIN Code. It should always be possible to remotely erase the corporate data from the mobile device.

A mobile device management solution can technically enforce many of those policies and can decrease your exposure in case of loss, theft, or an employee leaving the company.

Mobile Device Management Solutions should be implemented to:

  • Enforce Multi-Factor Authentication when possible
  • End-to-end encryption of all traffic from the Mobile Device to the corporate environment
  • Remotely manage, and destroy corporate data on the device
  • Enforce company approved applications and avoid tampering to the device
  • Log and report on policy violations