When we’ve been working in the same industry for a while, you get used to knowing a lot about a specific subject.
For example: You’re a security Management expert, you have all your qualifications and certifications that make you very wanted in this field.
People (clients) look at you as the subject matter expert because, let’s face it – your LinkedIn profile shows all the right experience and education.
You don’t even think about it, because it has become second nature.
Easy to get complacent at this stage – you still read articles about security and you have an interest in mobile security so you pay a bit more attention to that. But in reality you’re just super busy with all the engagements you have booked to dive deeply into the matter.
On top of that, you don’t really know what you don’t know. You know a lot – but not everything.. so how do you find out what the best way is to allocate your effort when you want to learn something new about Mobile Security? (or any type of security for that matter).
That’s why we at The Art of Service created the Mobile Security Self Assessment Toolkit. Because we’ve all been there… and we want to help you break through this challenge.
The toolkits consist of 3 different sets of questions about Mobile Security. These questions help you with your clients or your teams, to get them thinking about Mobile Security or the definition of this within the context of their business.
The questions are organised based on an increasing level of maturity of the business processes surrounding Mobile Security:
- Recognise – at this level you recognise that there is such a thing as Mobile Security and that it may have an impact on your business or career.
- Define – Once you understand the applicability of Mobile Security for your business it is time to define what it really means in the context of your business processes and customer service deliverables.
- Measure – Identify how you measure and who measures what within the business and suppliers’ organisation to help you understand the performance of Mobile Security
- Analyse – It’s not enough to measure, you need to do something with the raw data. Analyse it and map it against KPIs and metrics or benchmarks that you’ve identified earlier in the Define step.
- Improve – Now is the time to improve the business processes surrounding Mobile Security. Take a structured approach to this improvement step and don’t try to do too much at the same time.
- Control – This level is all about the control you have over each step in the business processes. How can you control the trigger responses, the process activities, the deliverables and results to make the process predictable and controlled.
- Sustain – Now that we have control of the business processes surrounding Mobile Security it’s time to look into the way to sustain the results.
How can you use these questions? (being the subject Matter Expert)
There are a number of ways you can use the questions in the Self Assessment Toolkit. To be honest – the name says it all… Self Assessment.
Go through the questionnaire and randomly pick a couple of questions. Can you answer those questions for your current organisation without having to look for the answer online?
Recognize – What is the underlying issue behind endpoint security and why is it becoming more difficult for companies to address it?
Define – Do the security policy and procedures clearly define information security responsibilities for all personnel?
Measure – How is the value delivered by Mobile Security being measured?
Analyse – Which users are working with the enterprises most sensitive data on mobile endpoints?
Improve – How much tolerance for risk do you have?
Control – Are all router, switches, wireless access points, and firewall configurations secured and do they conform to documented security standards?
Sustain – What are the most critical application security testing elements to add to CI/CD work ows?
These are just a small number of questions from a total of almost 1000 questions relating to Mobile Security.
You can also use these questionnaires to perform a self assessment with your team or with the stakeholders in the organisation. It is not a knowledge test, when you use these questions for your team or client you frame the question as follows:
In your belief, is the answer to the following question clearly defined
This will help with finding the gaps in the business processes and the assumptions made in relation to Mobile security in the organisation.
Going through these questions will unearth exactly what you don’t know about Mobile Security, especially in the context of your business (or your client’s organisation). And because you have a list of questions to choose from, you’ll be surprised at the un-expected gaps in your knowledge, understanding and definitions surrounding the business processes of Mobile Security.
Want to know more about the Mobile Security Self Assessment Toolkit? Check it out in our store.