NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Guidelines for Managing the Security of Mobile Devices in the Enterprise

Published

Author(s)

Murugiah P. Souppaya, Karen Scarfone

Abstract

Mobile devices, such as smart phones and tablets, typically need to support multiple security objectives: confidentiality, integrity, and availability. To achieve these objectives, mobile devices should be secured against a variety of threats. The purpose of this publication is to help organizations centrally manage the security of mobile devices. Laptops are out of the scope of this publication, as are mobile devices with minimal computing capability, such as basic cell phones. This publication provides recommendations for selecting, implementing, and using centralized management technologies, and it explains the security concerns inherent in mobile device use and provides recommendations for securing mobile devices throughout their life cycles. The scope of this publication includes securing both organization-provided and personally-owned (bring your own device, BYOD) mobile devices. [Supersedes SP 800-124 (October 2008): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=890048]
Citation
Special Publication (NIST SP) - 800-124 Rev 1
Report Number
800-124 Rev 1
NIST Pub Series
Special Publication (NIST SP)
Pub Type
NIST Pubs
Supercedes Publication
Guidelines on Cell Phone and PDA Security

Download Paper

DOI Link

Keywords

cell phone security, information security, mobile device security, mobility, remote access, smartphone security, tablet security, telework
Cybersecurity and privacy

Citation

Souppaya, M. and Scarfone, K. (2013), Guidelines for Managing the Security of Mobile Devices in the Enterprise, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.800-124r1 (Accessed October 16, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created June 21, 2013, Updated June 9, 2020
Was this page helpful?