Forget About the Device -- Use Encryption to Protect the Data

Carl Weinschenk
Slide Show

Smartphones That Work for Business

Our Carl Weinschenk looks at the best mobile tech on the market today.

Wayne Rash had a nice post over at CTO Edge last week on the challenges of managing the multiplying types of smartphones that are wending their way into the enterprise. And, unlike a lot of bloggers, Wayne makes a suggestion at the end of of the post that can help organizations get a bit more control over the devices employees use.

 

Wayne's commentary touches on general management of the devices. Clearly, an important element of this overall concern is security. The bottom line is pretty simple: A lot of an organization's valuable information is floating around the ether. This is a dicey situation, since it is just about impossible to tell what devices are being used or how they are being configured.

 

From the security perspective, it's a good idea to encrypt everything that is of even marginal value. Better yet, just encrypt everything. It's better for a ton of unimportant data to get encrypted than one vital shred to be transmitted in the clear. This may be a bit more expensive, complex and time-consuming, but the uncertainty of life beyond the firewall means that the focus must switch from protecting devices to protecting data.

 


Security concerns will remain, even in a world of full encryption. Cyber criminals will still steal devices and try to use them to bypass an organization's firewall to access the servers and databases beyond. Thus, encryption isn't a panacea, but it certainly will go a long way toward providing IT and security staffs with peace of mind.

 

The National Association of State Chief Information Officers has released a study that deals with state employee use of smartphones. Encryption seems to be first among equals in importance among the technologies cited, according to the report at Mobile Enterprise:

Smartphones should be required to have encryption capabilities to protect stored data, strong passwords, inactivity timeouts, lock out after several failed attempts to log in, and remote whipping capabilities.

IT Business Edge's Sue Marquette Poremba cited another study-this one from the Enterprise Strategy Group-that also pointed to the importance of encryption. Indeed, 85 percent of survey respondents said it was very important (51 percent) or important (34 percent). Encryption ran neck-and-neck with device firewalls (also a combined 85 percent), strong encryption (87 percent), antivirus/anti-spam software (82 percent) and device locking (85 percent) as vital mobile-device security tools.

 

One of the greatest challenges facing IT and security staffs is taming the chaotic world of mobility. This is true both in terms of optimizing investment and protecting the organization from harm.



Add Comment      Leave a comment on this blog post

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

null
null

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.