Tactical Advice

Managing Mobile Encryption

Use these five tips to get the most from a mobile encryption strategy.
This story appears in the September 2010 issue of BizTech Magazine.

The walls are moving outward faster than ever. In the past 10 years, many employees have gone from working in an office to working outside the office to carrying their entire office in a shoulder bag or on a belt holster.

What this means to IT departments is that technology managers face the unenviable task of securing more devices than ever. If your organization is moving to encrypt its mobile data, consider the following tips to help you get the most out of an encryption strategy.

Tip 1. Deploy comprehensive, managed security software that works on multiple platforms.

If your IT department supports more than a handful of users, you already know that using centrally managed software is a necessity. Encryption is no exception. Several big-name developers offer centrally managed encryption packages and malware protection for desktop and notebook systems, as well as mobile devices, removable storage and attached network shares.

Keep it simple by consolidating as much as possible. It will be easier on both your users and support staff, and one-stop solutions also come with an implied assurance of compatibility between components.

Tip 2. Take advantage of the Trusted Platform Module.

Most desktops and notebooks feature Trusted Platform Module technology. A TPM chip can encrypt and bind a user’s hard drive to his or her system so that it will no longer work without a valid password or security token.

TPM can also provide hardware-level authentication to other common security tokens, such as virtual private network challenge phrases, Microsoft Windows passwords and even Wi-Fi network keys. Because it’s hardware-based, TPM authentication is intrinsically more secure — the credentials reside within the chipset and never enter the software layer.

Tip 3. Understand the strengths and weaknesses of full-disk versus file-level encryption.

Considering the number of mobile devices that fall victim to theft and loss each year, you want to employ the strongest available encryption technology. When locking down data on hard drives in mobile devices, you essentially have two encryption options: full-disk, which automatically encrypts everything on the hard drive, and file, which lets users handpick what to encrypt.

Although its on-demand nature makes file-level encryption faster, full-disk encryption means you don’t have to fret about a mobile user losing a file or a clever hacker lifting information from temporary files.

Tip 4. Enable content protection on BlackBerrys.

One easy way to encrypt sensitive BlackBerry user data is to enable the content protection option. This can be accomplished either through menus on the smartphone itself or through a policy setting on the BlackBerry Enterprise Server.

Once enabled, a user’s phone will automatically encrypt any data it deems sensitive, such as e-mail, web-browsing history and contacts. It will prevent access to this information any time the device is locked. This safeguards data from being recovered physically through the phone itself.

Tip 5. Don’t let removable storage slip through the cracks.

Remember that sensitive data isn’t always confined to local drives on users’ machines. If your group policies allow users to connect external drives, make sure to encrypt those drives as well. Consider purchasing a centrally managed solution that can port to removable media such as external hard drives and thumb drives. Another cost-effective method: Buy drives with built-in encryption and, ideally, fingerprint authentication.

Jason Holbert is a Tier II desktop support technician at Harcros Chemicals, a chemical manufacturer and distributor in Kansas City, Kan.
Sign up for our e-newsletter

About the Author

Jason Holbert

Jason Holbert

Jason covers desktop applications and help desk utilities, including reviews geared toward the IT end-user support function. Jason is the PC infrastructure manager for Harcros Chemicals, a worldwide leader in chemical manufacturing and distribution. At Harcros, Jason supports over 350 end users at 30 branch locations. In his free time, Jason enjoys reading, motorcycling, competitive shooting and remodeling his starter home with his wife.

Security

Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...
Tools to Maintain Mobile Sec... |
Far-flung devices pose serious challenges, but a variety of technologies can help protect...

Storage

The New Backup Utility Proce... |
Just getting used to the Windows 8 workflow? Prepare for a change.
How to Perform Traditional W... |
With previous versions going unused, Microsoft radically reimagined the backup utility in...
5 Easy Ways to Build a Bette... |
While large enterprises have the resources of an entire IT department behind them, these...

Infrastructure Optimization

Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Ensure Uptime Is in Your Dat... |
Power and cooling solutions support disaster recovery and create cost savings and...
The Value of Converged Infra... |
Improvements in security, management and efficiency are just a few of the benefits CI can...

Networking

Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...
How to Maximize WAN Bandwidt... |
Understand six common problems that plague wide area networks — and how to address them.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Mobile & Wireless

Now that Office for iPad Is... |
After waiting awhile for Microsoft’s productivity suite to arrive, professionals who use...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Hardware & Software

Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.
The Tools That Power Busines... |
Ever-evolving analytic software can greatly improve financial institutions’ decision-...
XP-iration Date: Today Is th... |
It’s officially lights out for Windows XP as an operating system. Here’s how the world is...