Mobile devices are embedded in enterprises. That's the way it is and that's the way it will be for the foreseeable future. Whether it's a laptop, netbook, thumb drive, or an iPhone, there is no boundary where sensitive data resides. Data goes where we need it and where we use it. That said, IT security professionals needs tools that will run on multiple platforms and operating systems. I look for a single tool solution that will address all of my platform needs. The vast array of smartphones, in particular, seems to give security professionals the most challenge. According to one survey of IT pros, the vast majority of them admit to fearing smartphones in the enterprise. I think this is true because these are relatively new devices in the enterprise, can hold a lot of data in different formats, and are in a small form factor, which makes them easy to lose. Plus, the security is sketchy.
Additionally, even though many organizations have policies addressing the use of USB drives, employees still use them because of their ease of use and portability. Paul Mah has an interesting post on the threat posed by USB storage devices and the challenges they bring.
Yes, there are many single-point solutions: VeriSign offers a two-factor authentication for the iPhone. McAfee and Checkpoint offer solutions to harden laptops and netbooks, and IronKey makes a secure flash drive that's almost indestructible. I had the opportunity to interview Susan Callahan, CMO and SVP of Business Development for Mobile Armor, which provides data encryption security for desktops, laptops, removable drives, PDAs and smartphones. I started by asking Callahan what security trends she sees. She said:
There are many vendors that provide solutions for mobile devices. I asked how Mobile Armor differs itself from other providers, and Callahan offered the following:
Businesses need to be nimble and fluid. Our business partners don't always consult security before they make equipment decisions. As security professionals, we cannot impede business, so we need to look for tools that are going to work across multiple platforms.