• United States

Credant Technologies protects mobile data

Mar 06, 20064 mins
Cellular NetworksMobile SecurityNetworking

* Credant Mobile Guardian addresses the growing needs of the mobile worker and portable data

It happened again. Another stolen laptop has put private information at risk. This time it is the private health information and Social Security numbers of almost 4,000 patients of the M.D. Anderson Cancer Center. The PC belongs to an employee of an accounting firm that was reviewing the patients’ insurance claims. The laptop, along with personal property, was stolen from the PricewaterhouseCoopers employee’s home.

If there’s good news to this story, it’s that the laptop has encryption software on it, making it unlikely the data will be accessed by the thief and used to steal identities or credit information. The thief might have the hardware, but at least the sensitive data isn’t at risk.

For once, a sigh of relief – but that is rarely the case. The fact is, data is more portable than ever, making it more vulnerable than ever. And even one small data breach incident can be devastating for a company as well as to the people whose private information is compromised. According to the Computer Security Institute, the average cost to a company as a result of a stolen computer is almost $89,000. Costs can run much higher if the database of stolen records is very large.

With penalties and fines for the exposure of private data, as well as the destruction of a company brand, the potential cost of a breach now outweighs the cost of protection. In short, you can’t afford NOT to protect sensitive data, no matter where it resides or travels to.

Credant Mobile Guardian (CMG) from Credant Technologies addresses these growing needs of the mobile worker and portable data. Rather than simply protect the device, however, CMG is a mobile data security solution that aligns security with the type of user, the device, and the location. The company’s motto could be, “Follow the data and protect it where it goes.”

The Enterprise Edition of CMG includes several components that work together to secure and manage disparate mobile devices from a single management interface. Here’s a brief description of each:

* CMG Enterprise Server – A Web-based application server that provides the security administration component.

* CMG Local Gatekeeper – A security software agent that resides on companion desktops and notebooks that automatically detects synchronization software and identifies the types of mobile device being used, including PDAs and smart phones.

* CMG Remote Gatekeeper – A security software agent that resides behind the firewall and enables IT to wirelessly distribute security policy updates to various handheld devices.

* CMG Shield – The on-device component that enforces mobile security policies whether a mobile device is connected to the network or not, and protects the device when lost or stolen.

It sounds like a lot of components to install, but the complete solution helps you wrap your arms around the whole nightmare of unprotected data circulating within as well as outside the confines of your network. It is centrally managed and gives you a trusted computing environment for mobile devices, even covering removable media such as CD-ROMs and USB tokens. You can focus protection on your most sensitive documents, encrypting only the data as needed.

The whole environment is policy-based, allowing you to set different levels of access or capabilities for different classes of users and documents. For instance, you can choose to encrypt all files belonging to employees in the Finance department, or just the corporate pricing documents. Once a file is encrypted by CMG, the encryption stays with the file, no matter what device it is moved to. So someone can copy a file to a memory stick to take home, and the file security stays with the data.

Data file encryption works to keep your sensitive documents protected. Even the state of California, which enacted a law requiring companies that have a data breech to notify affected customers, recognizes the value of encryption by exempting encrypted data from the law. You can be sure that M.D. Anderson Cancer Center and PricewaterhouseCoopers are thankful today for their foresight to encrypt sensitive files.