For the staff member who needs to work at home in the evening, or at other remote locations such as customer sites, transporting data out of the office has never been easier. Just plug a PDA, smartphone or USB stick into a desktop PC and drag the required files onto it. If none of these devices is to hand, a digital camera or an MP3 player will suffice. Windows will instantly recognise them, without the need to install any drivers, so users donít even need administrative privileges on the desktop in order to do this.
If the staff member has a laptop PC, things are even easier. Just plug the machine into the companyís network and copy the required files directly from the server.
But all this convenience comes at a sometimes hidden but high price. Without the necessary procedures and technical restrictions in place, companies can easily lose track of their sensitive data. Just how many files have been copied in this way? Where are they all now? Are legitimate users working with outdated versions because they have neglected to copy the most recent ones? Are dishonest employees copying files that they donít need? How many former employees, now working for your competitors, still have your data in their possession? How often do staff copy a file to their spyware-infested family PC to work on at home during the weekend before unwittingly bringing the infected version back to the office on Monday morning?
Whatís needed is a mobile security solution which the users isnít aware of, so itís easy to use, totally transparent and doesnít effect the performance of the device in anyway. It needs to be configured so that its use is mandatory by all users and on all mobile devices. In addition, it should include key recovery facilities so that any file can be recovered by designated administrators in an emergency without the co-operation of the user who created it. Most importantly, the technology should be vendor-neutral, capable of working on every mobile device from USB stick, iPod, camera and smartphone to Windows laptops.
If you have always assumed that such products donít yet exist, prepare to be surprised. They do exist, and have done for a few years, albeit as part of a market that has only recently reached maturity. The whole sector is now growing rapidly, as more and more companies accept that they canít stand idly by and watch their data spread itself far and wide. If youíve been avoiding the problem, you really shouldnít continue to do so. Now is the time to roll out a mobile security policy.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.