Encryption Goes Mobile

Frank Ohlhorst

The use of mobile solutions is on the rise in the enterprise and that is becoming a major concern for CTOs and their subordinates. The big question is, 'how do you protect intellectual property in a disconnected environment?' Many will find no clear-cut answer to that question and may limit the use of mobile equipment in the enterprise, preferring to keep everything inside the firewall and users on tethered systems. Perhaps that is the best way to prevent data leakage, but limiting mobility may not be feasible in many businesses.

Luckily, there is a simple answer to that dilemma and that answer is drive encryption, a technology that has come of age in the mobile world. Windows 7 Ultimate and Enterprise editions offer BitLockeras a way to encrypt storage media, while several vendors also offer add-on solutions. The Truecrypt Foundation even offers an open source product that is relatively robust for the mobile worker looking to encrypt drives. Reviews of both of these offerings can be found here.

However, encryption is not the only elixir for protecting intellectual property, it is only part of an overall solution that has to be visualized, deployed and managed. IT managers will need to consider how data is stored, how it traverses the network and how that data can be accessed. That drives protecting data into two very distinct camps-data in motion and data at rest. Data in motion is normally protected by VPNs, firewalls and intrusion prevention systems, while data at rest is protected by passwords, access policies and data leakage prevention applications.

Encryption plays a role in both states of data-for example, data in motion can be encrypted via a VPN, while data at rest can be stored in encrypted files. The problem, however, is relying on end users to properly use those security features and adhere to company policies-and that is where drive encryption can fit into the puzzle-by encrypting hard drives, if a user forgets to password-protect a file, it is automatically protected from perusal. That way, if a portable storage device or notebook computer falls into the wrong hands, the data still has a level of protection.

While encryption may be the answer to the age-old question of how to protect data on mobile devices, the technology does not come without its challenges-for example, encryption can be a management nightmare if users forget passwords or lose keys-what's more, enforcing encryption policies may take some networking policy finesse. My advice is to take a serious look at encryption as a data protection tool, but take into account all of the nuances that encryption may introduce into PC management.

Add Comment      Leave a comment on this blog post
Feb 13, 2010 2:02 AM Anonymous Anonymous  says:
Wow, you hit the nail right on the head here - protecting IP is getting very difficult today - encryption seems like a big piece of the puzzle, however, it is going to take a lot of management technology to make it effective with a large mobile workforce Reply
Feb 15, 2010 7:02 PM Anonymous Anonymous  says:
Check it out, the best deal in Data Loss Prevention: www.prevensys.com Reply

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.