• United States



by Craig Bumpus

How to Keep Mobile Data Safe

Jun 23, 20065 mins
CSO and CISOMobile Security

Seven tips for securing your mobile data.

Let’s be honest: Is it really the fault of problems with a virus protection program, or an insecure hot spot, if notebook users lose data? A recent Gartner study showed that 86 percent of all security events in wireless networks are caused by the mobile devices—and not by insecure data transfer. I work in the mobile security industry, and would like to give you some simple measures for securing your notebook.

Tip 1: Demand more discipline from users when on the move

The only protection against being careless is more care and discipline—but that is difficult when you are under time pressure. Airline passengers lost more than 5,000 mobile devices at airports in Germany, Austria and Switzerland, according to a survey conducted by Utimaco Safeware among the lost-and-found offices at the 10 largest airports in the region. Particularly at airports with a large number of short-distance routes that are primarily used by business travelers, several dozen mobile devices are turned in daily—on heavily traveled days, as many as a hundred. It sounds obvious but bears repeating: If you travel with a notebook, you should always make sure that you really have the notebook case, including all its contents, over your shoulder before you leave the plane, taxi or train.

Tip 2: Make passwords more difficult to crack

If the worst happens, and your computer is stolen or lost, there is still hope that your personal data is not all accessible, if the password is difficult enough to crack. A mixture of characters, numbers and letters is considered the most secure—but only if passwords and keys are not stored on the hard disk. For this reason, it is better if the computer prompts for a password before booting. Electronic security solutions enable this. This gives an unauthorized user no chance to somehow get access to the operating system or saved data in any way.

Tip 3: Use hardware to supplement password protection

Analysts at the Meta Group have confirmed what IT managers already know: Passwords alone do not provide optimum protection for data. The alternatives have been available, and in use, for years. Special smartcards or tokens (which look just like a USB stick) store key information that is used in combination with a user password to unlock the computer. Only someone who has the token and knows the password can access the system and the data saved on it. Alternatively, the user’s biometric data can be stored on a smartcard. For authentication, the user’s fingerprint is checked directly on the card, instead of the password.

Tip 4: Secure your hibernation mode

You can set up the system to prompt for the password again when the notebook switches back from the screen saver or from hibernation mode to normal working mode. This means your data is still secure if you stop for a break or you are making a phone call in the train or airport.

Tip 5: Set up an electronic safe

As a basic principle, you should never save valuable information without protecting it electronically, just as important papers are kept in safes. The electronic pendant is a “virtual” disk drive that securely encrypts and stores all its contents. You can very easily set up an electronic safe of this kind on local hard disks and network directories, on the PDA, and also on mobile devices such as USB sticks and smartcards, CD-ROMs and DVDs to provide secure storage of your electronic data.

Tip 6: Implement automatic encryption

Talking about the electronic safe, what use is the best safe if the valuable data is simply left on the shelf next to it because no one takes the time to think about whether a particular document needs protecting at all? Here, data-transparent encryption is a big help. It runs automatically in the background, without being noticed, so the user does not even have to think about storing data securely.

Tip 7: Restrict plug and play

Plug and play is convenient, but sometimes can be dangerous. If someone connects a USB stick, MP3 player or external hard disk drive to a notebook, it is recognized automatically—and it is then easy to start exporting data and passing it on to the wrong people. The alternative is to lock the computer for all memory media apart from the company’s own memory sticks that cannot be used to run or read programs. This also removes the danger of accidentally loading a worm or virus on your own hard disk if you lend the data medium to someone, and get it back with a “dangerous cargo.” In addition, you should use sensitive data on USB sticks only when it is encrypted, because the smaller the memory device, the greater the danger that it will get lost or stolen.

In short, security leaks are not only caused by data transfer, but also by the mobile device itself. The only effective solution is a combination of encryption, authentication and access management. And, not to be underemphasized: Users need self-discipline.

Craig Bumpus is president of the Americas for data encryption security company Utimaco Safeware.