Untitled Document
www.expresscomputeronline.com WEEKLY INSIGHT FOR TECHNOLOGY PROFESSIONALS
24 July 2006  
Untitled Document
Sections

Market
Management
Technology
Technology Life
Columns

Between The Bytes

Events

Technology Sabha
Specials

HMA Bankbiz
UPS Batteries

Services
Subscribe/Renew
Archives
Search
Contact Us
Network Sites
Network Magazine India
Express Hospitality
Express TravelWorld
feBusiness Traveller
Express Pharma
Exp. Healthcare Mgmt.
Express Textile
Group Sites
ExpressIndia
Indian Express
Financial Express

Untitled Document
 
Home - Technology - Article

Vendor Accent

Demystifying portable device security

Captain Raghu Raman on how to protect your portable devices.

They are sleek, fashionable and virtually unstoppable. You see them in jewellery, independent units, and in watches. We are talking about portable storage devices represented by the ubiquitous MP3 player, USB drive and smart phone. It is predicted that over four-fifths of mobile knowledge workers will have the opportunity to use wireless e-mail by 2008, and smartphones may outnumber PDAs as electronic organisers by the end of 2006 (Dulaney et al, 2004). According to a Gartner report, smartphones will show the fastest growth in Asia. “China and India alone will account for nearly 200 million units in 2007, with the Indian market surpassing China in 2009.”

These devices have led to large productivity gains, especially for companies since employees can work from any place. It is not uncommon to see sales executives equipped with these devices; they can be used for corporate presentations on the move, to record meetings, and to keep memos. They also form a perfect substitute for floppy discs and are far more durable.

However, these conveniences come at a price. Since these devices are portable and can store so much data, they are a prime target for thieves. This situation is particularly grave for corporates since several of these devices are with senior employees who have access to sensitive data. On top of this, several employees bring personal devices and connect them to the corporate network which renders the entire network vulnerable.

Prior to 2004, smartphones and PDAs were not a preferred target for malware authors. This changed with Cabir which targeted devices running the Symbian operating system

Malware is also increasingly becoming a threat. Prior to 2004, smartphones and PDAs were not a preferred target for malware authors. This changed with Cabir which targeted devices running the Symbian operating system. It spread via Bluetooth but did not do much damage. There have been several others since then like Brador, which allows the remote control of pocket PCs, and Gavno, which can make a phone unusable. So what is the way out?

  • User education. There are many Web sites that give information on the security features of the device and the kind of threats to it. A good start however is to fully read and understand the manual of your device. This will not only help in security, but will also make you a more effective user.
  • Physical proximity. Keep the device with you. Do not leave it lying around. While sharing the device with colleagues / friends, ensure that any sensitive data is removed or made inaccessible.
  • Connectivity interfaces. Activate connectivity interfaces such as Bluetooth and Infrared only when you need to connect to an external device.
  • Encryption. Encrypt your data. There are several vendors who provide good encryption products for removable storage. Also, a lot of devices come with built-in encryption.
  • Carrier. Ensure that the carrier you use has a well-defined and operational security programme that:
    — keeps the handheld operating system up-to-date in order to take advantage of improved security technology such as firewalls, code signing, intrusion prevention, and encryption.
    — secures information in the carrier’s data stores.
    — filters unwanted activity, known and unknown.
    — provides strong end-to-end encryption.
    (Source: www.securitydocs. com/library/3188)

These tips are also applicable to individual users. Do your research before choosing a service especially if you plan to use your shiny new handheld in the office.

Device security features

Use device security features such as account lock-outs and biometric security wherever available. Blackberries, for instance, have a feature that can erase all data on the device by pressing certain key combinations.

Centralised feature enforcement

Corporates must lock down and enforce features through centrally managed policies. For instance, cameras can be locked down while passwords and data encryption can be enforced.

Security software

There are a significant number of security programs available for handhelds. These include anti-virus programs and spyware detection programs. Install them on your device and keep them updated.

If the worst happens

  • Report the theft immediately to local authorities.
  • Contact relevant personnel in your company, giving as much detail as you can about the theft. Ensure that you notify your company’s IT department and get your network access passwords and tokens changed.
  • In the case of smartphones, you can render the phone useless to the attacker by asking providers to block them via their IMEI number, though the PDA part of the phone may still remain active.

Portable devices are good technology, and represent a key trend of the future. Following the above tips will help you maximise the benefits that accrue from these devices. Carry out a risk-and-return analysis before adopting any of the practices mentioned above.

The author is CEO of Mahindra Special Services Group

 


UNSUBSCRIBE HERE
Untitled Document
© Copyright 2001: Indian Express Newspapers (Mumbai) Limited (Mumbai, India). All rights reserved throughout the world. This entire site is compiled in Mumbai by the Business Publications Division (BPD) of the Indian Express Newspapers (Mumbai) Limited. Site managed by BPD.