2A GUIDE TO SECURING YOUR BUSINESS

Securingyour mobile success

it’s time to sToP thinking about security as a reason to say ‘no’ and sTArT thinking about it as a reason to say ‘yes’.

Advances in technology and mobility come at

us fast and furiously. successful businesses will

embrace the technologies that spur growth but

also remain aware of potential risks and have a

plan to deal with them.

it starts with understanding the many available

security features and tools on the market. This will

help you make better decisions about the wireless

technologies that are best for your business.

in this guide you’ll find 15 practical tips,

suggestions and ideas you can implement right

now to help secure your business. if you want to

dig deeper, we offer links to many other sources of

inspiration.

Dive in now for ideas on how to securely harness

the power of mobility.

3A GUIDE TO SECURING YOUR BUSINESS

15 wAysTo secure your business

what’s your organization’s mobile security iQ? 1. »

Get educated: learn from other businesses 2. »

Kickstart a new iT risk Attitude 3. »

Practical Business security advice

Discover built-in blackberry Defenses 4. »

beyond Pass-code lock: Keeping your iPhone and Data safe 5. »

is Android secure enough for business?6. »

master mobile Device management 7. »

securing Personal Devices at work 8. »

Do you Know where Those Apps Go? 9. »

Hit the road Jack: mobile computing made safe 10. »

shut out Hackers: secure your wireless wi-Fi network 11. »

make network Downtime a Thing of the Past 12. »

device, aPP & network tiPs

securing the cloud 13. »

i spy: monitoring your business from Afar 14. »

Protecting against emerging Threats 15. »

emerging technology tiPs

4A GUIDE TO SECURING YOUR BUSINESS

What’s Your Organization’s Mobile Security iQ?How does your business rank when it comes to proactive security?

1Why It matters

Assessing the security risk of the technology, processes and people

that support your business is the first step in securing your business.

self assessment tools, like the ones to the right, are easy, fast and

typically free. so why not start now?

What It Can Do For your BusIness

Help you evaluate where your business stands and give you ideas •on how to mitigate future risk.

identify the greatest risks to your business and prioritize which to •tackle first.

create a “wake-up call” for your leadership team on risks and priorities.•

3 thInGs you Can Do noW

Take the quiz.1. no matter what your score, you’ll find opportunity for improvement or reinforcement of what to keep doing.

Share the results with your staff2. to educate them on risks.

Build awareness with your leadership team.3. share your scores, including how you fared on existing security measures, to help get buy-in for future security proposals.

don’t assume your Business is secure. Find out For sure.

identify security risks and monitor your ability to respond to threats in your computing environment with Microsoft’s Security Assessment Tool.

Find out how well your business is protecting personal information and how compliant you are with mandatory regulations with this self assessment tool from the office of the Privacy commissioner of canada.

5A GUIDE TO SECURING YOUR BUSINESS

get educated: Learn from Other BusinessesWhat are successful companies doing to protect their business?

2Why It matters

smart companies are becoming more proactive about security, deploying

security processes and security tools to protect their business and gain a

competitive edge. learn from them in the latest security research.

What It Can Do For your BusIness

Fuel change – security best practices from other businesses can •help motivate your leadership team to act now.

Keep you focused on what matters – figure out where to focus •your efforts and how to prioritize security initiatives.

secure your business faster with practical ideas from companies •

like yours.

3 thInGs you Can Do noW

read free annual security reports –1. Take a look back at the past year and ahead to the threats we can expect. Access a full list of free reports from security companies, publishing organizations and iT research businesses here.

Subscribe to free ongoing security news e-blasts or blog posts –2. stay on top of the latest threats with expert advice from iT publishing companies like iT world canada, Tech republic or cneT.

Be part of the conversation –3. security is a hot topic. now is the time to reach out to your network of tech colleagues or attend a mobile tech security event for advice.

get security survey highlights and Practical moBile advice.

Get highlights from the 2010 cio security survey and practical mobile security tips with this webinar from iT world canada.

read this white paper for a realistic vision of how mobile security needs to be considered to help businesses grow

Deep dive into security best practices with the 2012 Global state of information security survey® from Price waterhouse coopers.

6A GUIDE TO SECURING YOUR BUSINESS

Kickstart a new iT risk AttitudeYour employees: responsible risk takers or data daredevils?3

Why It matters

Human error is the primary cause for security breaches in business

today, yet most organizations provide little on-going security

education to non-iT staff. with the rest of the company thinking

risk and security is iT’s responsibility, it’s wise to consider making risk

management everyone’s job.

What It Can Do For your BusIness

significantly increase the level of security in your business.•

build a culture of security and responsibility. •

Help your business be more proactive in new technology decisions.•

3 thInGs you Can Do noW

Make all employees risk managers.1. Add accountability for risk management to performance goals for everyone across the company.

Build a comprehensive communication plan 2. that teaches employees about emerging threats, security policies, and best practices.

commit to ongoing risk management training.3. The lack of end-user training is a growing threat to iT security.

Bring risk management out oF the it dePartment and into everyone’s joB.

Find out how to make risk management more personal in your business with this blog post.

learn about what global iT managers and cios are doing to better mitigate risk with this Global risk study from ibm.

want more?

Get tips on how to help employees understand data risk management here »

7A GUIDE TO SECURING YOUR BUSINESS

Discover Built-in BlackBerry DefensesYour BlackBerry smartphone is a security powerhouse. Are you harnessing its power for good?

4Why It matters

over the last decade, rim has built a sound reputation on the strength

of its security features. This has much to do with business enterprise

(bes) software. but even the best software doesn’t protect against

uninformed or negligent blackberry®

users. implementing a few quick

and easy safeguards can go a long way in securing your devices and

the information on them.

What It Can Do For your BusIness

Protect against unwanted applications and malware.•

manage multiple devices on rim’s stable and secure •operating system.

Protect your sensitive data no matter how it’s accessed. •

3 thInGs you Can Do noW

Set a password policy 1. with a minimum length of 5 characters and a maximum of 10 password tries before automatic device self wipe. click here to find out how to add a password to your smartphones.

encrypt data 2. stored on your device and/or your microsD media card in four simple steps. click here to find out how.

Wipe devices3. before they are passed on to another employee. Go to the options menu on the device, select security, then security wipe. it will ask you to type in BlackBerry to complete the wipe.

get BlackBerry security tiPs and tricks straight From the Pros.

check out this webinar to find out more about blackberry® built-in security tools.

want more?

check out the blackberry® security knowledge base for a wealth of information on all aspects of security for blackberry® devices.

Get 5 tips from cio.com to keep your blackberry® smartphone safe here.

8A GUIDE TO SECURING YOUR BUSINESS

Beyond Pass-code Lock: Keeping Your iPhone and Data SafeHave you thought beyond the basics?5

Why It matters

Apple has polished the business features of its operating system with

security that stretches well beyond pass-code locks. From exchange and

remote wipe support, security and configuration to VPn options and

encryption, Apple users can now keep their iPhones® and the data they

access safe.

What It Can Do For your BusIness

Provide a layered approach to keeping your information secure •with device policies, restrictions and encryption.

Protect all data stored on devices with hardware encryption.•

clear data and settings remotely in the event of loss or theft.•

3 thInGs you Can Do noW

Manage iPhone1. ® through a central console. set up accounts, set restrictions, and configure devices quickly and remotely using a third-party console for mobile device management. click here to find out how.

Set up VPn access and teach your employees how to turn it on, 2. so you can communicate private information securely over a public network. Get help on setting up VPn here.

get a security app.3. security apps can add another layer of protection for business, from biometric security apps that authenticate users with the touch of a finger, to alarms that protect your device from theft or loss.

learn how to keeP inFormation secure on Business iPhones.

want more?

Get more security tips on how to secure your data from Apple here.

Hear what Apple has to say about iPhone® security in this on-demand webinar.

Get informed: everything you want to know about Apple’s security features for iPhone® here.

9A GUIDE TO SECURING YOUR BUSINESS

is Android Secure enough for Business?Did you know the latest Android devices are packed with better security features?

6Why It matters

why should you care about Android™? employees are increasingly opting to

bring their personal devices to work. Android™, Google’s operating system that

powers many of the world’s smartphones, gives you the ability to manage and

secure a good portion of these devices from one simple operating system.

What It Can Do For your BusIness

better control over personal and business mobile devices at work.•

Access to a universe of third-party security solution providers who •can quickly custom build secure apps for your business on Android’s open platform.

set-up, configure and perform frequent security updates with •

relatively little effort using auto-discovery features.

3 thInGs you Can Do noW

Stop saying ‘no’ to personal devices. 1. The last thing you want is a rogue experience at your company. An informed iT department is the best way to ensure your business is secure. Get advice on how to manage personal devices at work here.

Adopt mobile device management (MDM). 2. This is a critical part of managing the plethora of Android™ devices, so take the time to chose features wisely. Get mDm advice here.

use google apps to manage Android security policies.3. Google Apps Device Policy Administration can help you enforce policies and remotely wipe lost or stolen devices.

get Better control and security over Personal and Business devices.

want more?

learn 6 ways to protect your Google phone here.

check out this essential guide to Android™ at work for business users here.

Get 10 tips to turn Android™ into a business phone here.

Get security advice straight from Android™ in this on-demand webinar webinar here.

Get informed: 5 things you should know about Android™ for business.

10A GUIDE TO SECURING YOUR BUSINESS

Master Mobile Device ManagementAre you managing mobile technology on the fly?7

Why It matters

many businesses have a myriad of devices and operating systems accessing

company data. How prepared are you to manage yours? mobile device

management (mDm) tools are quickly becoming a must-have. not only can

they help centralize the control, security and costs of these devices, but they

can also minimize the time spent on maintenance.

What It Can Do For your BusIness

manage assets, inventory management, software licenses, security •controls, and more.

Quickly authenticate your staff, regardless of their device.•

speed up device and software deployment and reduce downtime by •

diagnosing and fixing problems remotely.

3 thInGs you Can Do noW

Prioritize mobile device security and management needs. 1. Figure 6, page 7 of Juniper’s whitepaper has a great list to get you started.

choose an integrated MDM solution instead of many individual 2. tools. ideally it should integrate with network access controls, support all popular devices and cover the full life cycle of devices. check out these mDm players: Juniper, mobileiron and Trellia.

Mean what you say: enforce policy.3. monitor device usage, limiting or removing privileges where necessary, and blocking insecure sites or networks.

centralize your control. minimize the risk.

Find out how mobile device management can benefit your business with this white paper from Juniper and enterprise strategy Group.

This e-book is chock full of juicy discussions on the latest trends in mobility. Topics covered include mobile device management and app development. skip to page 70 for specific advice on device management tools.

11A GUIDE TO SECURING YOUR BUSINESS

Securing Personal Devices at Workis it time for a Bring Your Own Device (BYOD) policy for your business?8

Why It matters

Today’s workers are bringing their own personal smartphones, tablets and

laptops to the office for both personal and professional use. many businesses

have accepted this reality and are creating strategies that offer employees more

freedom in exchange for a higher level of personal accountability.

What It Can Do For your BusIness

Keep employees happy and productive while reducing cost of •ownership for devices.

support telecommuters and create a more flexible work •environment

reduce unauthorized access to company data from staff-owned devices.•

3 thInGs you Can Do noW

Set clear expectations and policies. 1. be clear about which personal mobile devices are allowed in the workplace and how you expect staff to keep these devices safe (managing passwords, using only sanctioned apps etc.).

invest in a 2. mobile device management solution. retain control and visibility over all devices from a central platform, installing software that creates walls between corporate and personal data and enables data blocking or wiping.

revisit reimbursed policies.3. some companies are moving to a shared-responsibility model, implementing optional byoD policies and supporting them with grants, stipends, and loans.

give your team the tools they need to securely access corPorate data From Personal smartPhones or taBlets.

want more?

Get tips from unisys on developing a byoD policy here.

7 questions you should answer before you implement byoD at your company. sybase.

see how smart companies are letting employees use their personal gadgets to do their jobs. wall street Journal.

Find out how your business can capitalize on byoD in this webcast and white paper from unisys.

12A GUIDE TO SECURING YOUR BUSINESS

Do You Know Where Those Apps go?got the latest must-have business app? How do you stop it from accessing off-limit data?

9Why It matters

Apps can pack a lot of power into your pocket. before inviting them in, make

sure you know the full capabilities of these programs, including the amount

of information they take from your employees’ devices. including apps as part

of your regular mobile security check can help keep your business safe.

What It Can Do For your BusIness

Prevent staff from unintentionally exposing your network and •devices to viruses and hackers.

limit the downloading of malicious, pirated or repackaged •applications from unofficial websites.

ensure that apps on business-used devices are not accessing •

sensitive business data without your permission or knowledge.

3 thInGs you Can Do noW

Say ‘no’ to app permissions. 1. Did you know nearly one third of apps in major apps stores access users’ locations? And an increasing number also access contacts? make sure users know when to say ‘no’ to apps that are requesting this kind of information access.

create a pool of approved apps. 2. Define app download policies and make sure users only download (and update) approved software.

use application access control software.3. not all apps are what they seem. These tools look at how your device is behaving and, if it sees something suspicious, quarantines and even remote wipes it.

make sure to include aPPs as Part oF your regular moBile security check.

Find out how mobile apps access personal data and explore security with this report from Lookout Security.

watch this video from No Panic Computing to learn how to change Facebook privacy settings to stop it from accessing employee information.

13A GUIDE TO SECURING YOUR BUSINESS

Hit the road Jack: Mobile computing Made SafeA few simple changes to the way you use mobile computers can go a long way in protecting your business.

10Why It matters

your business is contained on your employees’ laptops, notebooks and

tablets, yet the increasing complexity of technology, connectivity, security

and confidentiality creates unprecedented risk. whenever sensitive

data is stored outside firewalls or accessed through wi-Fi and remote

networks, it’s smart to take added security measures to minimize risk.

What It Can Do For your BusIness

Help employees work safely from home or on the road.•

Protect your business from theft of intellectual property or •valuable devices.

limit access to important data to the intended user.•

3 thInGs you Can Do noW

Save or backup documents to a shared network drive or the 1. cloud, not a hard drive. Protect important files from computer crashes and laptop losses.

encrypt Microsoft Word2. ®

docs. encrypting a document is as simple as right clicking and selecting “encrypt”. why not enforce encryption?

Advise employees of simple do’s and don’ts.3. Don’t leave it in a car, do carry it in a backpack, don’t fall for common phishing scams.

Protect your moBile devices and the inFormation they access From theFt.

Get tips on how to make mobile computing safe in this on-demand webcast.

mobile Computing Video tips from no Panic Computing

Tip 1: learn how biometrics, passwords and encryption can protect your laptops and tablets here.

Tip 2: learn how to identify phishing scams with this video from No Panic Computing here.

Tip 3: learn how to avoid a common security threat for windows XP here.

14A GUIDE TO SECURING YOUR BUSINESS

Shut Out Hackers: Secure Your Wireless networkAre you underestimating the security of your Wi-Fi network? 11

Why It matters

To protect your business, it’s important to keep outsiders from accessing

your wi-Fi network. Don’t hold off on protecting your network; hackers are

increasingly focusing on small- and medium-sized businesses. Fortunately, there

are simple, low-effort things you can do now to improve network security.

What It Can Do For your BusIness

Protect your network from disruption, which can jeopardize •confidential customer data, interfere with supply chain activities and result in lost revenue.

Keep your business compliant with canadian privacy regulations •such as PiPeDA.

Give your mobile staff a secure way to access your network from public •

hotspots when travelling.

3 thInGs you Can Do noW

change wireless router default settings and stop 1. broadcasting your network iD. click here to find out how.

Minimize signal leakage. 2. move your router to the middle of the office and turn it off if not in use for long periods of time.

invest in a virtual private network (VPn) 3. so that mobile workers can securely connect to your network from public wi-Fi hotspots while on the road. click here for more information on VPn

hackers love to Penetrate networks. make sure yours is secure.

want more?

click here for a quick lesson on wi-Fi security with this free online class from Hewlett-Packard.

learn from cisco in this video: what are bots, Viruses, malware, spyware?

7 considerations for your wireless network for you to think about, courtesy of Focus research.

Get quick tips on working wirelessly, both in and out of the office.

15A GUIDE TO SECURING YOUR BUSINESS

Make network Downtime a Thing of the PastHow much revenue do you lose during internet outages? What’s the impact to your reputation if your POS system goes down?

12Why It matters

Downtime for critical systems can mean huge revenue and productivity

losses and impact your reputation. it pays to have a back-up plan when

your primary access to the internet goes down. wireless technology can

help keep your business up and running.

What It Can Do For your BusIness

ensure continuous up-time for transactions, communications, •enterprise applications and other critical systems.

Keep your business running during disease outbreaks, inclement •weather, or natural disasters.

Protect your reputation, customer confidence and employee morale.•

3 thInGs you Can Do noW

identify mission critical systems. 1. understanding which systems require 100% uptime is the first step in building a back-up plan.

Find out how much network downtime is really costing your 2. business. self assessment tools can help you quantify how much downtime is costing your business so you can build the business case for a back-up network access solution.

choose a back-up solution that includes network and carrier 3. diversity. backing up a main wireline connection with wireless network access from another carrier significantly reduces your vulnerability.

keeP your Business uP and running when your Primary network goes down.

How much is network downtime costing your business? Find out with our Point of sale roi calculator and see how much you save with a secure wireless back up plan in place.

Find out how blinds To Go addressed their need for a failover solution for their Pos systems.

see how critical network Access can help your business

16A GUIDE TO SECURING YOUR BUSINESS

Securing the cloudAre you considering putting services in the cloud?13

think aBout how to Protect your data BeFore you move it to the cloud.

Why It matters

cloud computing delivers on-demand, scalable resources accessible

from just about anywhere, through the internet. before moving aspects

of your business to the cloud, it’s a good idea to think about how to

keep your data secure once it’s there.

What It Can Do For your BusIness

Access the latest technology to stay agile and able to adapt to •changing business environments and security threats.

Deliver on-demand self-service to employees without the risk.•

expand what your company does and who you collaborate with.•

3 thInGs you Can Do noW

classify data based on how critical it is to your business. 1. before you decide what data to move to the cloud, consider your risk tolerance and legal or compliance responsibilities.

Perform due diligence when choosing cloud suppliers. 2. Get references. research their audit process. negotiate a strong service level agreement (slA) that covers roles and responsibilities, data storage and disposal, and disaster recovery plans.

Know where your data is living.3. if your cloud provider is not based in your country or province, the servers that store your data may be subject to the laws of another country. This could make your business noncompliant with local regulatory requirements or expose information to authorities in other jurisdictions.

check out this iT world canada white paper which examines canadian companies and who is moving to the cloud – as well as when and why.

Get insights from Price waterhouse coopers on different cloud models and how to secure them in this white paper.

check out this webcast from www.techrepublic.com which covers the primary considerations to protect your most precious assets in the cloud.

17A GUIDE TO SECURING YOUR BUSINESS

i Spy: Monitoring Your Business from AfarM2M: How machines can help you keep an eye on your business.14

remotely monitor and Protect staFF, Fleets and assets with wirelessly connected machines.

Why It matters

you’ve probably heard the term machine-to-machine (m2m) being tossed

around with increasing frequency over the last year or two. These services

let you remotely monitor and protect your fleet, assets and staff from your

smartphone or tablet, using wirelessly connected devices.

What It Can Do For your BusIness

secure multiple warehouses, sites, vehicles, buildings or stores.•

reduce theft: know where your inventory, freight and assets are •at all times.

Keep remote workers safe and connected to security response teams.•

3 thInGs you Can Do noW

connect your on-premise surveillance cameras to a mobile app 1. to monitor you business from anywhere. see how Pita Pit used video surveillance to reduce shrinkage here.

install fleet tracking systems in your vehicles to better track 2. your valuable assets. see how Highway Technical engineering services monitors its fleet and keeps mobile workers safe here.

Provide connected devices to field workers in hazardous 3. conditions to monitor their safety. check out vendors like blackline GPs, Tsunami solutions and mentor engineering.

see how Highway Technical engineering services monitors its fleet and keeps mobile workers safe.

explore how m2m can help you remotely monitor and secure your business.

Find out how Pita Pit used video surveillance to address an outbreak of inventory and cashier-related shrinkage at their stores.

18A GUIDE TO SECURING YOUR BUSINESS

Protecting Against emerging ThreatsWhat impact do social media networks, online games or software have on security?15

Why It matters

Although mobile malware is still in its early days, it’s smart to be aware of emerging threats and the ways to defend against them. look ahead, keep informed and protect against the leaking of sensitive information to the public by employees. Prevent external scams delivered through social

media sites or repackaged games or software.

What It Can Do For your BusIness

Keep employees alert and prepared for the latest threats and •educated on acceptable behaviour.

Keep networks and business devices safe from the latest •cybercriminal threats.

increase the confidence of your customers, partners and staff •

in the security of their data.

3 thInGs you Can Do noW

create a policy to set expectations for social media users. 1. with social media malware on the rise, shaping user behaviour and increasing governance for social network use is a smart choice.

install anti-malware software regularly. 2. with the increasing speed of malware changes and distribution, it’s important to make sure anti-malware software on all business mobile devices is updated regularly.

consider data loss prevention tools. 3. Prevent inadvertent or intentional exposure of sensitive business information by identifying critical content then tracking and blocking it from being moved.

keeP in mind that emerging threats can From Both within and outside oF your organization.

want more?

learn about the social media sites, and hear what small and medium sized businesses are doing to protect against emerging threats here.

learn about emerging threats and how they are impacting businesses here.

Get a view of what’s hitting the top 5 cybercrimes and scams today here.

Get informed commentary on emerging trends in attacks, malicious code activity, phishing, and spam here.

19A GUIDE TO SECURING YOUR BUSINESS

Are YOu reADY?

STOP worrying. STArT now.

security should be a source of positive motivation, because good security is key to winning your

customer’s trust. This guide is filled with common sense (but often overlooked) things you can start

doing today.

stop worrying. mobile devices actually have many built-in security advantages over their desktop

predecessors. And, as seen in this guide, there are many available device features that can simply be

turned on, or resources that can be accessed for free.

so don’t delay. Try putting one new security idea into action today, or pick a few and build them into

your security plan.

references to third-party advice and websites are made for your information only. ™rogers, rocket & mobius Design plus and related brands marks and logos are trade-marks of or used under license from rogers communications inc. or an affiliate. blackberry®, rim and related names and logos are the property of research in motion limited and are registered and/or used in the u.s. and countries around the world, used under license from research in motion limited. All other brand names are trade-marks of their respective owners. ©2011 rogers communications

For more information on mobile security, or other communications challenges for business, email us now, or visit www.rogersbizresources.com.