IT metrics for security services

Mobile Computing Device Security Standards

Dear, check this link:

http://www.itworldcanada.com/blog/it-metrics-for-security-services/377117

http://tech.rochester.edu/policies/mobile-computing-device-security-standards/

Please refer the attached file herewith.

Thank you, this is helpful. There is one more aspect of mobility and that is ubiquity. 

The main mobile computing concept involves mobile communication , mobile hardware, and mobile software.

in term of mobile hardware , the main security standards are as follows:

* Encryption: Mobile devices that do store sensitive data can be protected by means of encryption systems. Automatic encryption/decryption systems exist but are less secure than systems which require the user to enter a password at the beginning of every session. 

                                 ***********************

*External Identification: End users should label their mobile devices with their name and telephone contact information so lost devices can be returned to them, even after their battery has gone dead. 

                               *************************

* Limiting Data Storage: One of the best ways to prevent the compromise or loss of sensitive data is not to store it on a mobile device. Such data can be stored in the cloud or accessed from a proprietary server. Naturally, means of access must be thoroughly secured, or there is no advantage to be gained from keeping sensitive data off a mobile device. 

                              ***************************

* Lost Device Locator and Data Eraser Systems: Depending on the mobile device and its operating systems, there are various technologies that enable end users to locate a lost device (even if it's just between the couch cushions). Failing that, there are ways to remotely erase sensitive data. Encourage end users to enroll their devices in a good system, and to learn how to use it. 

                             *********************************

*Passwords and Timeouts: End users should set a password and a relatively brief timer to shut down and lock their mobile devices when left idle for even a few minutes. Passwords and timeouts prevent—or at least delay—unauthorized users from gaining access to sensitive data not only on lost or stolen devices but also on devices left unattended in homes and offices. 

                             ***********************************

* Trusted Sources: Mobile devices can add software from a variety of sources, but end users should rely only on trusted sources, such as the Apple iTunes Store, Google Play, or the Amazon App Store for Android. Other sources are less likely to thoroughly search for and prevent software contaminated by viruses or other malware.

                              ************************************

* Updates: Hackers and defensive software are engaged in running battles for superiority, so any delay in updating operating systems and/or security systems leaves mobile devices particularly vulnerable. Systems should be set to check automatically for updates, and users should get in the habit of performing manual updates at regular intervals.