Mobile devices have become indispensable. Be it a handheld device like a PDA, mobile phone or a laptop, these devices contain critical data about a client or even a business proposal. Apart from business critical data, people store electronic data like bank passwords and credit card numbers. Imagine the threat or loss to the organization (or user) if that data is accessed by unauthorized persons. Hence, mobile device encryption solutions are vital component for an organization’s information security policy.
• For laptops, the market has encryption software that can encrypt all data residing on the hard disk. For example, Safeboot is a commonly used software solution for laptop data encryption in Indian enterprises. In case of loss, the loser can be assured that the data will not be accessible to the finder, as reading that data requires an encryption key. While choosing the software for a mobile device encryption, it is important to choose one that doesn’t overburden the CPU and prevent users from optimally performing operations. Hence, it is important that the compatibility matrix be checked between the device model, manufacturer, BIOS and the encryption solution before deploying mobile device encryption software. Windows 7 has a preinstalled software component BitLocker that encrypts data on hard drives.
• Many PDA and mobile vendors provide nativesoftware for mobile device encryption on the device itself. In Windows Mobile OS, Mobile Encryption enables users to secure sensitive information on the device's removable flash memory storage card. The data is accessible only after the card has been installed in the particular device.
• In terms of ensuring security of one’s mobile device, choose a password that has numeric, alphanumeric, upper case characters in the password string as they are most difficult to crack. Enterprises should enforce users to choose a password that can satisfy the conditions for strong passwords.
• One of the most secure encryption available at the moment is the public and private key encryption. The public key resides in your mind and the private key resides in the FOB key provided by the vendor (which changes at regular intervals). The benefit of this type of encryption is that even if someone learns of the public password, he will still need access of the FOB key to login to your device.
• Several vendors also provide smart cards that are bound to a particular user ID in an organization. In order to access the device, users need to insert the smart card in the device.
A mobile device encryption solution provides a strong information security immune system to an organization. It forms the backbone of the organization’s information security policy, and is a very crucial asset for an organization to secure data—irrespective of whether data is on servers, desktops, laptops or handheld devices.
About the author: Anuj Sharma is an EMC Certified and NetApp accredited professional. Sharma has experience in handling implementation projects related to SAN, NAS and BURA. One of his articles was published globally by EMC, and titled the Best of EMC Networker during last year's EMC World held at Orlando, US.