An unenforceable mobile policy is worth about as much as the paper it is printed on, so the enterprise has to carefully consider what can and cannot be enforced when crafting a mobile policy. Part of enforcement comes in the form of using technology to force proactive compliance, and the other part is defining reactive repercussions of non-compliance. As a starting point for developing an enterprise mobility policy, use the Info-Tech Advisor “Mobile Device Acceptable Use Policy” template.
Technical Controls
Technology can help ensure mobile policy compliance in four key ways:
- Forcing encryption of data at rest on mobile devices.
- Forcing secure connectivity on unsecured public networks.
- Ensuring unauthorized mobile devices do not have access to the corporate network or company data.
- Ensuring mobile user spending is in line with the mobile policy and additional costs can be recovered.