How to Start Up a Mobile Security Project
by Martin Allen - MD Pointsec Mobile Technologies - Thursday, 10 August 2006.
The proliferation of laptops, PDAs, smartphones and USB sticks means that corporate data is no longer confined to the office. Without a joined-up policy on mobile security, protecting and keeping track of it becomes impossible.

For the staff member who needs to work at home in the evening, or at other remote locations such as customer sites, transporting data out of the office has never been easier. Just plug a PDA, smartphone or USB stick into a desktop PC and drag the required files onto it. If none of these devices is to hand, a digital camera or an MP3 player will suffice. Windows will instantly recognise them, without the need to install any drivers, so users donít even need administrative privileges on the desktop in order to do this.

If the staff member has a laptop PC, things are even easier. Just plug the machine into the companyís network and copy the required files directly from the server.

But all this convenience comes at a sometimes hidden but high price. Without the necessary procedures and technical restrictions in place, companies can easily lose track of their sensitive data. Just how many files have been copied in this way? Where are they all now? Are legitimate users working with outdated versions because they have neglected to copy the most recent ones? Are dishonest employees copying files that they donít need? How many former employees, now working for your competitors, still have your data in their possession? How often do staff copy a file to their spyware-infested family PC to work on at home during the weekend before unwittingly bringing the infected version back to the office on Monday morning?

The Solution

Whatís needed is a mobile security solution which the users isnít aware of, so itís easy to use, totally transparent and doesnít effect the performance of the device in anyway. It needs to be configured so that its use is mandatory by all users and on all mobile devices. In addition, it should include key recovery facilities so that any file can be recovered by designated administrators in an emergency without the co-operation of the user who created it. Most importantly, the technology should be vendor-neutral, capable of working on every mobile device from USB stick, iPod, camera and smartphone to Windows laptops.

If you have always assumed that such products donít yet exist, prepare to be surprised. They do exist, and have done for a few years, albeit as part of a market that has only recently reached maturity. The whole sector is now growing rapidly, as more and more companies accept that they canít stand idly by and watch their data spread itself far and wide. If youíve been avoiding the problem, you really shouldnít continue to do so. Now is the time to roll out a mobile security policy.

Opting for a centrally-manageable, cross-platform solution, as offered by companies such as Pointsec, ensures that the roll-out runs as smoothly as possible. Everything is managed and controlled centrally so thereís no need to manually install client software on each device since it is being encrypted transparently in the background. Nor to wait for a couple of hours while the client software encrypts the entire contents of the protected device. And because all future upgrades and support are included in the package, itís easy to work out the cost and to calculate the total cost of ownership (TCO) of the product. Which is significantly less than the cost of crisis-management that would be required if a key laptop or smartphone containing your most valuable data files was lost or stolen while away from company premises.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Feb 8th