|
Mobility isn’t the next big thing—it IS the big thing. Laptop computers are ubiquitous in every company, allowing employees to produce work not only in the office, but also at home and on the road. BlackBerrys, PDAs, and other handheld devices and smartphones can be seen in nearly every traveler’s hands. And if you take a look into these travelers’ luggage, you’re nearly certain to find pocket-sized USB drives, MP3 players, CDs and DVDs—removable media upon which multi-gigabytes of data can be stored.
Analyst data squarely supports the mobile computing trend. In its 2007 annual report, “The Future of Mobile Computing,” BCC Research estimates that the global market for mobile computing will reach more than $88.9 billion by 2011. Fueling this growth are both laptop computers, which are expected to account for $69.2 billion by 2011, and smartphones, which BCC Research estimates will have a compound aggregate growth rate (CAGR) of nearly $17.8 billion. IDC, the Framingham, Mass.-based industry research firm, also anticipates that the market for converged mobile devices (e.g., smartphones and PDAs) will grow from 124.6 million units in 2008 to 376.2 million in 2012.
And as mobile devices and accompanying wireless technologies become more powerful and robust, demand for mobile office - and business - related applications will only increase, fueling the mobility trend. But with the surge in mobile access comes a growing need for security of the data stored on all types of mobile devices—from laptops to handheld devices to so-called ‘flash’ or ‘thumb’ drives. The more employees take their laptops or other mobile devices filled with sensitive company and customer data outside the physical enterprise, the greater the threat of data loss or theft.
In fact, security breaches related to mobile devices have been grabbing headlines around the globe. From the first big breach of a major wireless service provider’s network in 2005, in which a hacker was able to obtain the provider’s customers’ passwords and Social Security numbers as well as download photos taken and stored by the customers on their mobile devices to the theft of government laptops with citizens’ email addresses and other personal information to a recent theft of backup information tapes from the backseat of a courier’s vehicle, the statistics strike fear into the heart of every CIO. Millions of dollars of data lost. Countless hours of employee time wasted to recreate information. And the unquantifiable loss of customer trust and revenue, a tarnished reputation—not to mention the financial and fines incurred due to a breach of government regulatory compliance requirements.
It’s clear that enterprises must protect their brand, reputation, competitive position, and regulatory compliance status from this 'moving liability'. So what can a forwardthinking company that wants to encourage employees to be productive anywhere—office, home, or on the road—do to ensure the security of its intellectual property and privacy of customer data?
A Four-Pronged Mobile Security Strategy
Leading-edge companies hoping to encourage mobile access to improve employee productivity should put into place a comprehensive mobile security strategy that encompasses the following four areas:
- Ensuring that information stored at-rest on desktops, laptops, and other mobile devices remains safe and secure;
- Restricting and monitoring what data can be transferred or copied onto removable storage devices and media;
- Preventing the unauthorized viewing of data stored on all types of removable media; and
- Controlling what actions users can take with specific data (e.g., edit, change, update, and print) on any laptop, mobile device, or removable media.
The following section describes each prong of a comprehensive mobile security strategy in greater detail.
1 . Securing data at-rest on laptops and other mobile devices
Because the number-one cause of data loss or theft is a stolen or misplaced laptop, organizations must protect themselves—and their confidential data stored on those mobile systems—from access should the laptop or mobile device fall into unauthorized hands. Encryption is the key technology that helps secure the data at-rest on (e.g., saved or stored) or in-transit between corporate laptops and other mobile devices, including Tablet PCs, smartphones, and PDAs. To protect themselves, organizations should implement full-disk encryption to protect all the information stored on all corporate systems and removable devices. In addition, organizations should consider implementing file and folder encryption, ensuring that files and folders remain encrypted and unreadable by anyone other than authorized individuals, no matter where the file or folder is saved or transferred.
|
