The report – titled 'Securing remote users' – says that, with larger form factor portable devices such as laptops, netbooks and some tablet computers, it is possible to protect the device and the user by forcing access back via the corporate network.
They are then subject to internal security controls, says the Quocirca report, adding that there are three basic ways of doing this.
The first is to enforce the use of virtual private networks, with the second involving the use of virtual desktops infrastructure (VDI), which means all applications are run inside the firewall, including user productivity applications.
The third option, says Bob Tarzey, Quocirca's director and author of the report, is to force all network traffic back via a firewall.
This means, he explained, that user productivity applications are run locally, but everything going to or from the PC is subject to internal controls.
According to the report, securing the use of smartphones has thrown up some new challenges and, as yet, it is not really possible to take a unified approach to managing all mobile devices.
There is, however, says the report, one measure that can be taken centrally to protect all remote users; email filtering.
"Most organisations today will have this in place to catch spam and email-born malware and also to check what is being sent via corporate email. However, the target of many malware writers and an increasing source of data leaks is web traffic. It is possible to use proxies to force web access for mobile PC users via a central web traffic filter, but, for the reasons outlined above, this is less easy to enforce for smartphone users", notes the report.
Other areas that require attention, says the report, include password protection – basic but obvious' making sure the device cannot easily be used when it falls in to the wrong hands; malware protection , a feature now offered by many of the security vendors for mobile PCs and smartphones; and a device firewall.
Encryption and remote disabling of portable devices also have their place, says Tarzey, adding that advanced security features including SIM recognition and geolocation using GPS are also useful facilities.
"For many businesses, especially mid-market and smaller ones, these will be new and unprecedented challenges. The number of threats and the range of options for mitigating them will seem daunting and the in-house skills will not be available", says the report.
"Resellers that provide tools and services for managing mobile device security and safe remote IT access will be relieving their customers of a headache and enabling their businesses for the future", the report adds.