Monday, June 30, 2008

Securing mobile devices

The most vulnerable part of any organization is its mobile devices, especially notebooks and laptops. I can't think of any scenario worse than getting a call from the CFO who, even while taking every reasonable precaution, ended up getting robbed of her laptop during an trip overseas. Contact lists, sensitive corporate data, and even resumes and personal information are all vulnerable to a hacker with no practical time constraints.

What's even more troubling is that over 12,000 laptops are estimated to be simply lost in airports every year! And most users, over 60%, take little or no steps to protect the data on their mobile devices.

There are some commercially available services, such as those provided by Absolute Software. Their service enables them to track a stolen or lost laptop and even delete data remotely. On Monday, Dell announced their partnership with this firm. But it does require that the thief put the stolen machine on the grid in some way, shape or form. I would suspect that by the time they did that, it would probably be too late.

Some additional, though clumsy, steps you can take to protect your sensitive data is to keep it off the device. If you really need a file while offline, then save it to a USB storage key that you keep separate from your machine -- like in your pocket. Also, be sure to delete temporary files often... emailed attachments that you open can live there for a long, long time. And finally, consider keeping all of your emails on the server, instead of on your local PC. This can be quite inconvenient, to be sure. Short of that, delete (and empty the trash) sensitive emails from your local machine (keeping the archived version on the server).

No comments:

Post a Comment