The TOPECS Blog :: Special Reports

Main Page

Photos

Mobile and Accessory Reviews

Software Reviews

Special Reports

This Month

Month Archive

January 2008
September 2007
August 2007

Year Archive

2008
2007

Main Page » Special Reports

Next 30 days »

Wednesday, August 29

The mobile security minefield

by Tim on Wed 29 Aug 2007 23:55 BST

We are well and truly into the age of remote working, and with the continued advances in PDAs, mobiles and smartphones, the revolution looks likely to continue.

But if MI5 can’t rely on even its most security-conscious officers not to leave devices with valuable data on them in the back of taxis, can you rely on your staff not to do the same?

Changes in work habits mean that sensitive data is more and more likely to leave the office. And the chances of it being safe when it does so are slim. So what can you do about it?

Flexibility isn’t just a buzz word, it’s an important factor in the modern workplace. There is now a rising sector of the workforce, mostly young graduates, who are both relentless in their desire to carve out lasting careers and aware of the need for a healthy work-life balance. For these individuals, remote working is a key attraction in employment, meaning that remote IT working is becoming an all important factor in the recruitment and retention of talent.

However, remote working is not just a recruitment ploy. Almost three quarters of managers who use remote working as a commonplace work option believe that remote workers are more productive than their desk-bound counterparts. This growing army of remote workers are also increasingly tech savvy and use the increasing number of gadgets to enable that flexibility.

And it’s not just the remote workers who benefit from mobile devices. Office-based staff increasingly log in to their emails and work on vital documents on their way to or from meetings or during their commute in a bid to minimise ‘dead time’ and increase productivity. But companies should take the proliferation of stories about recent corporate security breaches as a stark a warning.

Handheld remote working devices doubtlessly offer improvements to the productivity of the modern workplace. But there are risks involved. When a device is misplaced, lost or stolen it isn’t just the economic value of the individual gadget that is lost. Improved technology now means that more data can now be stored on smaller equipment than ever before. It is likely that your smartphone is now capable of holding as much data as your laptop could a few years ago. With certain devices now having storage capacity that can be measured in giga-bytes complete customer or marketing databases can, and are, being stored on a mobile.

The most obvious problem here is that because of the continued reduction in size, it’s much easier to lose or steal a mobile. In August the Department of Health admitted to losing 11 mobile phones and four PDAs, while the MoD has misplaced ten mobiles in the last year. Devices are increasingly capable of sophisticated email and document editing, but it’s not just the memory or storage intensive-gadgets at risk. Even the address book and calendar in the simplest of handsets can contain some of your organisation’s most valuable data. For instance, if a competitor picks up your sales manager’s mobile at a conference the data he or she can retrieve within a few seconds has the potential to wipe millions from your bottom line. What’s more, data can be duplicated, and the original deleted, when staff move to a competitor company.

Aside from the data loss issues arising from the expansion of mobile device use, there are problems surrounding the growing threats from malware. Viruses are now being written for the specific purpose of disrupting mobile units, and it’s relatively easy to get onto unguarded devices. Employees can download and install inappropriate software that could lead to data theft - and even Symbian-approved software can contain malware.

If your employees are accessing corporate networks through their mobiles, PDAs and smartphones they can prove to be the weak link in the chain, capable of bringing down the whole system. New crossover viruses can transmit themselves directly from a phone’s memory card onto any PC the card is inserted into. Smartphones and PDAs are becoming an established and irreplaceable part of working practices and it is now vital for companies to think of ways of securing the data stored and accessed on these devices. Safeguarding their valuable information against accidental loss, opportunist theft, corporate espionage and malware is imperative.

So how do you avoid becoming one of the ‘data in motion’ casualties? The one line answer is mobile device management. Mobile device management (MDM) offers solutions to, among other things, the security problems of all a company’s mobile devices from one central IT department. It doesn’t prevent your devices being lost, but it does minimise the risk of the data being accessed by unauthorised sources.

Device management systems can centrally manage the security functions on all of your employee’s remote equipment, so there is no longer a need for staff to bring their devices in individually for upgrades. Improvements to anti-virus software and programmes can be made en masse to all of the company’s handsets with a few mouse clicks. It can also monitor software loaded by users to make sure that no rogue programmes make their illicit way onto the network.

MDM provides a number of solutions to protect a misplaced mobile, PDA or smartphone. Remote locking is a great way of stopping valuable data being accessed on lost devices. As soon as your employee realises that they have stumbled off their red eye flight without their PDA, their kit can be locked with one quick call to the office, thus protecting the data from prying eyes.

Upon locking, handsets are set to enable a ‘hotkey’ to dial to the support centre. So after your employee has finished intense negotiations with BA to retrieve their phone, they can call using the hotkey, and upon satisfactory security verification their device, and all the data on it, can be restored to full use. And if the phone can’t be reunited with its owner then all the data can be easily wiped – even if another SIM card has been swapped into the phone. Smart organisations will also use MDM to back up data remotely, allowing replacement handsets to be uploaded with contacts, photos, texts and calendar.

When security problems, such as setting changes or inappropriate use arise, MDM users have the added benefit of receiving alerts prompting urgent action. The way your employees use their handsets can also be managed. For example, if web downloads are not a required tool in some of your staff’s daily work, the central system can disable the function in any relevant units. An MDM system is not an expensive outsourcing project. Their software can easily be managed by an organisation’s existing IT help desk. Hosting options from software providers are also available to provide extra back up and support. Safeguarding your firm’s mobile devices is now a vital and basic security need. And MDM makes fulfilling that need a whole lot easier.

Leave Comment | Permanent Link | Cosmos

Syndicate this category

Favourite blogs

All About Symbian

Itproportal

SMS Text News