Posted by: David Scott
computer security, data loss, data theft, flash drive, laptop, mobile data, mobile device, mobile device loss, mobile device theft, mobile security, network security, remote data delete, remote data erase, remote data wipe, smart phone, smartphone, tablet, unauthorized access
No matter how tight your security policies, no matter how regularized your security training, no matter how careful your workforce – mobile devices are going to get lost.
Smartphones, laptops, tablets, cameras, flash drives, and anything that’s not nailed down is susceptible to being left at the airport, in the back seat of a cab, or on a table somewhere in a food court… as but a few examples. And that’s just the possibilities involving loss through negligence – oversight, in leaving a locale without all of your possessions firmly in tow.
What of theft? As difficult as it is to believe, people actually take things that don’t belong to them! This is something you have to actively guard against – not just by maintaining your eyes on portable devices, particularly when you’re using them in public spaces, but in another important way.
It’s not so much the device itself that poses great risk – it’s merely any device’s potential manifest of harm, in the absence of appropriate controls when in the hands of an unauthorized person.
A device harbors content: That is, the data any particular device contains. Unauthorized physical access to the device cannot always be effected, as in the case of loss, so all other up-to-date methods of security must be employed. The device must be password protected. You might even consider fingerprint and card readers for total authentication and access. Further, the data residing on the device should be encrypted.
Risk is also posed through the access that the device represents: To your network, to your central data repositories, to your business intelligence, to your client information, to your employee information, to sensitive and confidential data, to proprietary solutions and systems, and on and on and on…
Another security measure to consider, which would protect both data and the device’s potential for directing harm to whatever it logs into, is to enable a remote-erase (wiping) solution. When a device goes missing, a trigger is pulled at the home office, sending a signal to the device to essentially destruct all data and mechanics of login.
March 12th: On this day in 1912, the Girl Guides (Girl Scouts) was founded by Juliette Gordon Low