How vulnerable is sensitive information on mobile devices?
Home > IT Answers > Mobile > How vulnerable is sensitive information on mo...
KevinBeaver
7610 pts.
0
Q:
How vulnerable is sensitive information on mobile devices?
Mobile security, Mobile device security, Data Encryption
I'm quoted in today's Wall Street Journal in a special section on mobile security (page A20) and thought this subject would make for a good topic of discussion on ITKE.


We hear story after story, breach after breach, and study after study related to sensitive information on mobile devices being compromised but yet the problem is still rampant and seems to be getting worse. Does no one in management truly understand the seriousness of this issue? Or, do IT admins and security managers just not have the time and energy to devote to it?



I think its one of the biggest information security problems we face right now...I've written extensively about the vulnerabilities associated with data at rest and have especially ranted about sensitive information on unprotected mobile devices. But I feel alone.



What do you all think? Are you coming across the same issue? If so, what solutions are you seeing and/or recommending?
ASKED: Sep 23 2009  8:17 PM GMT
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
RELATED QUESTIONS
0
Technochic
40210 pts.
0
A:
 RATE THIS ANSWER
0
Click to Vote:
  •   0
  •  0
  • AddThis Social Bookmark Button
Anybody have any input on this?

**********
Just saw this Kevin. We have at least implemented strong password protection on any mobile devices connected to our exchange server and have disabled connectivity for all devices except those approved. We also inform users their device will be wiped if lost. Approved devices at this time are only blackberry devices connected to our BES and owned by our organization. No personally owned devices are allowed to connect. We get pressured from time to time to be more lenient but so far we have not caved.
Last Answered: Sep 29 2009  8:01 PM GMT by Technochic   40210 pts.
Latest Contributors: KevinBeaver   7610 pts.
  •   
0
0
RSS - Discussions Help
Discuss This Answer:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _



_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

KevinBeaver   7610 pts.  |   Sep 29 2009  7:21PM GMT

I think the silence speaks loud and clear. :-)

 

KevinBeaver   7610 pts.  |   Sep 30 2009  3:39PM GMT

Technochic - I’ve seen this same setup work well at other organizations…what about laptops, flash drives, and external hard drives? Doing/seeing anything in that area?

 

Technochic   40210 pts.  |   Sep 30 2009  7:54PM GMT

We have implemented Secure Doc full disk encryption for all our corporate laptops. This at least keeps anyone from accessing info on a lost or stolen laptop. Nothing has been done to block use of flash drives or external hard drives, and I think this is another serious security hole.

 

KevinBeaver   7610 pts.  |   Oct 2 2009  1:19PM GMT

Good to hear. Interesting how we still haven’t been able to get the idea that unprotected laptops are a *huge* business risk into the heads of most executives. A look-see at the Chronology of Data Breaches shows we have a long way to go.

 
0