Fri, Nov 6, 2009 18:59 EST
Posted by: John Jefferies in Best Practices Topic: Security
Protecting data is top of mind for companies and individuals as people continue to carry around more information on tiny computing and storage devices, especially because they can hold the equivalent of millions of pages of data on one device. Organizations have become particularly cautious because they cannot afford to leave sensitive data in an unprotected state on devices that can easily fall into the wrong hands.
At IronKey, we strive to manage these risks without nullifying the significant productivity and efficiency benefits of smart phones, personal digital assistants, USB sticks and other devices. We have put together a list of six steps that identify how organizations can protect themselves from the threat of data loss. I have shared them below and I am happy to receive any comments or questions on the topic.
1. At the Very Least - Encrypt Mobile Data
Strong encryption provides the ultimate first defense against loss or theft. However, it is only as strong as its weakest link: the user’s password. The Ponemon Institute found that 47 percent of workers shared passwords with co-workers. Additionally, a number of readily available password-guessing software and hardware tools let hackers decode a user’s password by hammering away at a device with millions of guesses per second. Encryption solutions offer valuable protection as they store passwords and encryption keys in hardware and can prevent such brute-force attacks. This solution also protects against cold-boot attacks, in which hackers recover the encryption keys from RAM, where keys remain for a time after the device has been powered down.
Users themselves represent another threat to even the best encryption schemes. The threat can be intentional, as with a malicious insider, or unintentional, as when users write down passwords and carry the list with them, making the device easily accessible if it is lost or stolen. On some devices, such as smart phones, some data is available without a password. For these reasons, encryption alone is not enough. I recommend that organizations use hardware encryption within the framework of a centrally managed security strategy, which provides the ability to remotely disable or deny access to compromised devices, or wipe them clean.
2. Manage Mobile Devices Centrally
There are an estimated 300 million USB drives in use worldwide. There are so many devices in the hands of users on any given day that many organizations remain unaware of how many connect to their networks, or from where they are connecting. With little control and even less knowledge of how devices are used or their security posture, these legions of mobile device users represent a significant security risk.
Many organizations have already taken steps to centrally manage end-point data protection for their desktop and notebook PCs, and we recommend using the same approach with mobile devices. This means moving beyond standalone encryption and implementing capabilities for tracking usage and enforcing security policies remotely. This includes the ability to lock a mobile device after a number of incorrect attempts to guess a password, or destroy data if a user reports a device lost or stolen.
Many of our customers have implemented an enterprise management solution for their devices, and it not only gives them peace of mind but has also allowed them to implement security policies that define acceptable use, such as remote access, authentication, device storage and encryption.
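An added example, not from the original article or any IronKey product: a toy Python model of the policy described above, in which a device locks after a set number of wrong password guesses and a management console can disable or wipe it. The class, method and function names and the attempt limit are assumptions; on a real device the counter and key live in tamper-resistant hardware rather than in program memory.

```python
import hashlib
import hmac
import os


class ManagedDevice:
    """Toy model of an encrypted device under central management (hypothetical)."""

    def __init__(self, password, max_attempts=10):  # 10 is an assumed policy value
        self._salt = os.urandom(16)
        self._verifier = self._derive(password)
        self._data_key = os.urandom(32)  # stands in for the key protecting stored data
        self.max_attempts = max_attempts
        self.failed = 0
        self.state = "active"  # becomes "locked" (guess limit/disable) or "wiped"

    def _derive(self, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 100_000)

    def unlock(self, password):
        """Return the data key on success, None otherwise; every failure is counted."""
        if self.state != "active":
            return None  # locked or wiped devices refuse even the correct password
        if hmac.compare_digest(self._derive(password), self._verifier):
            self.failed = 0
            return self._data_key
        self.failed += 1
        if self.failed >= self.max_attempts:
            self.state = "locked"
        return None

    def remote_command(self, command):
        """Apply a console command: 'disable' denies access, 'wipe' destroys the key."""
        if command == "wipe":
            self._data_key = self._verifier = None  # ciphertext is now unrecoverable
            self.state = "wiped"
        elif command == "disable":
            if self.state == "active":
                self.state = "locked"
        else:
            raise ValueError(f"unknown command: {command}")
        return self.state


def guesses_tested(device, wordlist):
    """Count how many guesses the device evaluates before it stops answering."""
    tested = 0
    for guess in wordlist:
        if device.state != "active":
            break
        tested += 1
        if device.unlock(guess) is not None:
            break
    return tested
```

With the limit enforced by the device itself, a guessing tool gets only `max_attempts` tries regardless of how fast it can generate candidates.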
3. Protect Against Malware
Much like malware itself, anti-malware software initially focused on preventing PC-based infections from floppy drives. As the malware threat has moved from the physical transfer of storage devices to the Internet, anti-malware software in the corporate environment moved to server and
I was using my laptop XPS in Safe Mode because of many strange problems such as my documents and photos appearing in unknown program files. A short time after I reinstalled Windows 32 and repartitioned the drive, I was told many dangerous viruses, including trojans, would infect my laptop if I did not install the internet. I did not install the internet and just use F8, Safe Mode now. I just want to write documents to my IronKey and save to IronKey so my documents are not violated. But last week, when in F8, I saw that five new drivers were added. Three were Generic USB Drivers and one was a Bluetooth Driver. My USB was working already and I was wondering if anyone knew why three new generic USB drivers would be installed when my USB already worked. I just want to know specifically what I need to do to use IronKey to write documents and then backup the IronKey documents to a DVD and not get the information into the computer itself. I apologise that I do not understand how to better encrypt the IronKey or how to get the right antimalware protection or how to set the laptop so no one can violate my private information again. Thank you so very much!!!