- BlackBerry Storm vs. the iPhone
- Digg's Kevin Rose: "We have to do better"
- Blogger warns: "Nortel doesn't make it out alive"
- Financial quagmire bringing out the scammers
- Verizon plays with the wrong e-mail addresses
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Test your Web Filter | Value of WDS
 |
During a home health visit last month in Oklahoma City, a nurse for Integris Health was held up at gunpoint. She escaped unharmed, but was robbed of her company-provided laptop and cell phone. Both devices held sensitive patient data, but Integris wasn't worried. "All of the sensitive files were encrypted," says Randy Maib, senior IT consultant at the company.
Integris uses Credant Technologies' Credant Mobile Guardian software, which provides data encryption for all sorts of mobile devices. "We feel comfortable that we've ensured the protection of our data - which is good, because you never know what's going to happen."
Read related stories on keys to mobile security and a mobile security wish list, and download a sample acceptable use policy.
Indeed, securing data on mobile devices, especially as storage capacity grows and size shrinks, is becoming a particularly thorny problem. Vendors have begun addressing the problem, but few provide centrally managed, soup-to-nuts security. With that in mind, here are five basic steps you can take to make sure your mobile data stays safe.
"You have to understand the type of data people are going to access and the risks associated with that data," says Jack Gold, founder and principal analyst at consulting firm J. Gold Associates. "You don't care if an e-mail about three kittens for adoption gets lost. But you do care if it's an e-mail talking about customers or financial issues with Social Security numbers and bank accounts."
Roy Balkus, CIO at Naugatuck Savings Bank in Naugatuck, Conn., takes this advice to heart. After deciding which users need peripherals, CD drives and USB devices, he uses Centennial Software's DeviceWall to control how much access and what type - read-only or read/write - they get. In addition, he provides full hard-disk encryption for mobile laptops. But he doesn't encrypt PDAs or mobile phones. The bank's acceptable-use policy spells out that no confidential or sensitive customer information can be stored on any portable handheld device without IT's permission. "People mainly use PDAs for contacts and calendar. Our business model dictates where we focus the security," he says.
Similarly, Integris' Maib uses Credant Mobile Guardian for file-level encryption, choosing the files to be encrypted according to their sensitivity. Credant provides a central console from which Maib can encrypt based on common file-types. "We're sure security is going where it's most needed," he says.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comments (3)
Only protecting hard driveBy Schratboy on June 18, 2007, 10:34 amThe bank guy is missing the point. Security breaches occur where there aren't controls in place such as with a PDA or memory stick. Full disk encryption is great...
Reply | Read entire comment
Protecting the Office Warrior?By Mohan on May 21, 2007, 7:23 amRoad warriors definitely need privacy filters to protect corporate data but I also think that in many open floor environments management needs privacy filters to...
Reply | Read entire comment
Protecting road warriors at homeBy Anonymous on May 18, 2007, 5:22 pmThe household PC can be one of the Road Warrior's weakest security links, particularly if the road warrior shares a PC with children, other family members or housemates....
Reply | Read entire comment
View all comments