A "no jailbreaking/no rooting" rule should be enforced, and there should be restricted use of unapproved third-party app stores. Devices in violation should be disconnected from sources of business data, and potentially wiped, depending on policy choices.
Companies should also require signed apps and certificates for access to business email, virtual private networks, WiFi and shielded apps.
Gartner said IT security leaders needed to use network access control methods to deny enterprise connections for devices that exhibit potentially suspicious activity.
Sign up for CIO Asia eNewsletters.