Click here, to download this white paper

4) Make your password system smart, so nobody gets lucky trying to access your personal and business files

WARNING
If your mobile connectivity solution supports connecting mobile devices to services via Web or WAP, passwords should not be stored on your devices.

A more secure method of validating a user is to cache the authentication details on the device. The authentication details should be created when the user connects by entering their password but not contain the actual password. For extra security, the administrator should be able to control the expiry period of the cached credentials.

Solutions such as Intellisync’s SMC enable authentication credentials to be created when a user connects with their password. The administrator can enable or disable the storage of authentication credentials on a user's device. It is also possible to define an expiry period for the storage of authentication credentials on a device.

Solutions such as Intellisync’s SMC allow for an extra layer of security by integrating with SecurID. This uses a key FOB to generate a “random” 6 digit code that the user must combine with a PIN in order to authenticate. Making illegal use virtually an impossibility.

When choosing your mobile solution, ensure that you have adequate levels of password management. Ensure that your solution supports the security requirements of all levels in your corporation, including SecurID authentication.

Don’t allow passwords to fall into the wrong hands by leaving them lying around. And make sure any other passwords held on your devices are in a protected folder or encrypted to your own understanding. Most users put security codes and bank account information and passwords on their mobile devices – so encrypt. Continue...