Educause Security Discussion mailing list archives
Re: Smartphone Policies.
From: Chris Green <cmgreen () UAB EDU>
Date: Thu, 14 May 2009 12:53:17 -0500
I believe that the Harvard Medical Center supports the iPhone very well (per http://geekdoctor.blogspot.com/. The full exchange client on the iPhone can be an advantage. Since the iPhone supports active sync, on Exchange 2007 the active sync “reset your phone” switch becomes an OWA accessible feature. Lock your phone and if you lose it, go remotely wipe it yourself. That’s a pretty sexy sales pitch to a clinician and it covers the lost device component. Smartphones are in our sights as something we have to manage (and the AT&T isn’t our winning bidder) but it does seem to give a reasonable way to address some of the risks of the technology. Change from saying no to saying “here’s the way to make it work and here’s the secret button to remember when you leave it in a cab”. It also helps address the “work versus personal” phone thing because people do find ways to make their job doable or more productive. Same line of thinking for BlackBerry but use the BES rather than the desktop connector so some of the risks can be managed. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Connie Sadler Sent: Thursday, May 14, 2009 12:37 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Smartphone Policies. We are developing a Smartphone policy. But I'll tell you, the iPhones are scary - we cannot technically do anything (that I am aware of) to stop people from connecting and syncing up their mail. In fact, there is an app for the full Exchange client now. There are also a lot of other apps that are being pulled down to personally-owned iPhones that are connected to our network. I have to say, I work in an academic medical center, so it's very difficult to tell clinicians what they can and cannot do with their personal devices on our network (trust me - it's not easy). There are some new products working to address this risk. With more employees taking their iPhones to work, IT departments are scrambling to figure out a way to manage them. The iPhone, unlike the BlackBerry, started out as a consumer device and still lacks some management and security features that corporations have come to expect from other mobile devices. Now, a number of software companies including Good Technology<http://www.good.com/corp/index.php>, Sybase<http://www.sybase.com/> and Tangoe<http://www.tangoe.com/> are stepping in to fill that void. Is anyone looking at these solutions?? http://www.good.com/corp/int_products.php?id=good_mobile_control_iphone&pid=good_for_enterprise http://www.sybase.com/ianywhere http://www.tangoe.com/managed-services/mobile-services/mobile-device-management.html We're also quickly moving to a more "blended" work/life environment - and people (like it or not) are going to expect to be able to get to personal data from work and they want to use personal devices for both - we're going to have to find ways to enable it. -- Connie Connie Sadler CISO, LPCH at Stanford
Current thread:
- Smartphone Policies. Matthew Gracie (Apr 27)
- <Possible follow-ups>
- Re: Smartphone Policies. Plesco, Todd (Apr 27)
- Re: Smartphone Policies. Tupker, Mike (Apr 27)
- Re: Smartphone Policies. Leon DuPree (Apr 27)
- Re: Smartphone Policies. Maloney, Michael (Apr 27)
- Re: Smartphone Policies. Cal Frye (Apr 27)
- Re: Smartphone Policies. Cal Frye (Apr 27)
- Re: Smartphone Policies. Adam Stone (Apr 27)
- Re: Smartphone Policies. Caroline Couture (Apr 27)
- Re: Smartphone Policies. Connie Sadler (May 14)
- Re: Smartphone Policies. Chris Green (May 14)
- Re: Smartphone Policies. Adam Carlson (May 15)