Unlimited Access to Information Systems with Mobile Devices: Information Security Perspective
Purpose:
Mobile devices have become an indispensible part of modern communications; they enable easy access to the Internet and also remote manipulation of data stored in corporate information systems. The number of mobile device users is on the rise, but most of them don’t comprehend completely the less obvious functions of these devices. Users also have almost no control over background computer programs, because they run without their knowledge and volition. From the standpoint of information security, a lack of awareness of the risks can seriously compromise the integrity of corporate networks and information systems. The weakest links are users, but also the technology itself. To ensure the functioning and security of information systems, corporations and individual users should learn about protective mechanisms. It is also important that users adhere to implemented (internal) safety regulations.
Design/Methods/Approach:
We used descriptive and comparative methods, and made an overview of published literature, as well as processes pertaining to the use of mobile devices and related security issues. We compared general elements of information security in regard to the use of mobile devices.
Findings:
At present mobile devices are more and more frequently used to access information systems. The majority of users are concerned almost exclusively with the question, how to get uninterrupted remote access to data, but far less with security issues. This paper presents some guidelines for achieving and maintaining information security.
Research limitations/implications:
It has been noted, that this is a time of turbulent development and evolution in the field of mobile devices, and also related security issues, so best practices haven’t been defined yet. Corporations and other organizations have just recently begun defining guidelines to eliminate security breaches through mobile devices, therefore a comparison of their implemented solutions is practically impossible. VS_
Practical implications:
We propose guidelines, which can be used to: minimize information security risks posed by mobile devices; evaluate the current state of information security; and implement protective measures against cyber threats encountered by corporations and individual users of mobile devices.
Originality/Value:
Information security is a relatively new field because mobile devices and remote access to the Internet and data have just recently come into wider use. At the same time security issues and protective measures have stayed largely overlooked. Security threats are many, so it is impervious that users learn more about them and adopt some necessary security measures.
UDC: 004.056
Keywords: information security, blended threats, mobile devices, corporate information systems, business integrity