Home » Data Protection » Wireless/Mobile

Protecting the Mobile Workforce

Seven ways to safeguard your company's roaming data from thieves, hackers, viruses and just plain stupidity

Until cell phone and PDA encryption processing speeds improve, "you may not want to encrypt the full disk right now," Sudan says. "But at least have the ability to encrypt files and folders—or at least your e-mail," Sudan says.

At Cigna, all laptops have full-disk encryption and some have a second layer of encryption on specific files. "It protects the data from somebody who has to log on to fix the machine. But since they're not logging on with the user's credentials, they still don't have access to the data," Shumard says. Users haven't complained about slow processing times so far.

Cigna also deploys technology that prevents users from downloading data to a travel drive and copying information to CDs. These and other security features are available today in most mobile device management products and mobile security products offered by a range of vendors.

Large systems management vendors include CA, IBM and Hewlett-Packard. Mobility vendors, such as BlackBerry, Motorola and Nokia offer both categories of products, as well as pure-play security management system vendors. Most products support the two most common mobile operating systems in the U.S.—Windows Mobile and BlackBerry.

There are differences between mobile security products and mobile device management software. MDM includes software distribution, asset management, remote control and some baseline security featuresâ¬"what you would find in a PC device management product," Sudan says.

Mobile security products are specifically focused on security—with mobile VPNs, mobile antivirus, mobile firewall, as well as the device swipe-and-lock and encryption features also found in MDM software.

3. Prevent Web-based mobile attacks

In 2006, IDC saw an increase in the volume and sophistication of mobile malware, which has prompted analysts to recommend that companies begin evaluating MDM and mobile security products. According to an IDC report, "Several viruses have been specifically developed to exploit vulnerabilities in mobile phones and handheld devices." The majority of these have been low-level threats, but they have laid the "proof of concept" groundwork for others to follow.

Some MDM solutions offer feature-block capabilities, which disable Bluetooth, SMS or multimedia messaging service (MMS) messaging, so viruses can't get into the phone. It also allows administrators to disable USB connectivity, turn off cameras and disable ActiveSyncâ¬or any other ports that can sneak viruses inside.

4. Understand the default settings on mobile devices

Default settings on mobile devices may make them easy to set up, but they also create big security holes. For instance, cities like Chicago require motorists to use hands-free devices when driving while using a cell phone, so a growing number of drivers are buying Bluetooth headsets. To get up and running quickly, users often choose the manufacturer's discovery mode by default and easy security PIN codes. The problem is that now there are attack tools that can take advantage of those default features. Hackers can potentially eavesdrop on phone conversations, Luallen says.