Improving Mobile Device Security

Ralph DeFrangesco

Mobile devices are embedded in enterprises. That's the way it is and that's the way it will be for the foreseeable future. Whether it's a laptop, netbook, thumb drive, or an iPhone, there is no boundary where sensitive data resides. Data goes where we need it and where we use it. That said, IT security professionals needs tools that will run on multiple platforms and operating systems. I look for a single tool solution that will address all of my platform needs. The vast array of smartphones, in particular, seems to give security professionals the most challenge. According to one survey of IT pros, the vast majority of them admit to fearing smartphones in the enterprise. I think this is true because these are relatively new devices in the enterprise, can hold a lot of data in different formats, and are in a small form factor, which makes them easy to lose. Plus, the security is sketchy.


Additionally, even though many organizations have policies addressing the use of USB drives, employees still use them because of their ease of use and portability. Paul Mah has an interesting post on the threat posed by USB storage devices and the challenges they bring.


Yes, there are many single-point solutions: VeriSign offers a two-factor authentication for the iPhone. McAfee and Checkpoint offer solutions to harden laptops and netbooks, and IronKey makes a secure flash drive that's almost indestructible. I had the opportunity to interview Susan Callahan, CMO and SVP of Business Development for Mobile Armor, which provides data encryption security for desktops, laptops, removable drives, PDAs and smartphones. I started by asking Callahan what security trends she sees. She said:


  1. Devices like the iPhone can now hold 8 GB of data. That equates to almost 1,000 e-mail. If lost, that puts a lot of unsecured data in someone's hands.
  2. New and more powerful applications for mobile devices may make life easier, but they pose more risk because of the potential that they access and store data.
  3. Free Wi-Fi poses many risks.


There are many vendors that provide solutions for mobile devices. I asked how Mobile Armor differs itself from other providers, and Callahan offered the following:


  1. Support for many operating systems and devices (Windows, Linux, Mac, PDAs, smartphones).
  2. Remote device wipe. Should the device get stolen, it can be erased remotely.
  3. Full disk encryption (AES or 3DES).
  4. CAC support.
  5. AV and AM software build into the device (USB drives).
  6. Centralized administration.
  7. Enterprise scaleable (SOA capable) for large organizations looking to scale the product.


Businesses need to be nimble and fluid. Our business partners don't always consult security before they make equipment decisions. As security professionals, we cannot impede business, so we need to look for tools that are going to work across multiple platforms.

Add Comment      Leave a comment on this blog post
Oct 8, 2009 1:58 AM Ralph DeFrangesco Ralph DeFrangesco  says: in response to Jason Zane


Actually increasing memory would make the problem worse. More memory equates to more data that can be downloaded and stored on the device. Armor's solution encrypts the data on the device. Data Loss Prevention (DLP) would in fact be a better soultion, limiting what a user can download to their device.

Thanks for your comments,


Oct 8, 2009 12:20 PM Jason Zane Jason Zane  says:

Very interesting information.  I'm not to informed about PDA security other than constantly hearing that it's "not secure", but wouldn't the increase in memory that Susan was talking about help the potential for installing security software?  While that wouldn't completely solve the problem, it seems like it would help contribute to the solution.

Nov 25, 2009 4:48 AM Lee Lee  says:

just happened on to this web site as i was searching for some magic to "un" encrypt my flash drive (although if it's easier enough for novice yo-yos like me to find, well, then how good IS that security, huh?) .... anyway, i had some slide presentations on my drive, attended an event where one of the organizers had already set up his laptop for a presentation.  came time for my spiel, we popped in my flash drive, opened the show and away we went.  afterward, we removed the flash drive and that was that.  i thought.  you can FF to the obvious: a couple of days later i wanted to work on some files on the flash drive and got a message back in a little window, "Pointsec Protector EPM Explorer" and the message seemed to say i could now only use the drive within the corporate network of the guy who owned the laptop, etc.

any way at all to resolve this?



Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.