follow several regulations, such as the Health Insurance Portability and Accountability Act (HIPAA). A good resource for learning more about security policies is the SANS Institute’s Information Security Policy Page.
Sidebar: Mobile Security As the use of mobile devices such as laptops and smartphones proliferate, organizations must be ready to address the unique security concerns that the use of these devices bring. One of the first questions an organization must consider is whether to allow mobile devices in the workplace at all. Many employees already have these devices, so the question becomes: Should we allow employees to bring their own devices and use them as part of their employment activities? Or should we provide the devices to our employees? Creating a BYOD (“Bring Your Own Device”) policy allows employees to integrate themselves more fully into their job and can bring higher employee satisfaction and productivity. In many cases, it may be virtually impossible to prevent employees from having their own smartphones or laptops in the workplace. If the organization provides the devices to its employees, it gains more control over use of the devices, but it also increases the burden of having to administrate distribution and use. Mobile devices can pose many unique security challenges to an organization. Probably one of the biggest concerns is theft of intellectual property. For an employee with malicious intent, it would be a very simple process to connect a mobile device either to a computer via the USB port, or wirelessly to the corporate network, and download confidential data. It would also be easy to secretly take a high-quality picture using a built-in camera. Information Systems for Business and Beyond (2019) pg. 132
Made with FlippingBook flipbook maker