| Mobile data protection
a work-in-progress
12 January, 2006
By Paul Weinberg
Mobile computing continues to be the leaky sieve in the corporate
IT networks despite the ubiquity of laptops, Blackberries
and other similar types of devices and enterprise applications
that are being applied remotely.
IT industry analyst Warren Shiau reports how he was able
to access at his computer the unguarded wireless networks
of some other companies in his office building. Another concern
is that there is no guarantee that Wi-Fi hotspots in all locations
are secure.
"With hotspots/Wi-Fi, the risk is using access points
that aren't using encryption or authentication controls, creating
the possibility for an attacker to spoof the IP addresses
of the devices using those access points," said Shiau,
a senior associate and lead analyst in IT research at the
Strategic Counsel.
Furthermore, he added, "the way Bluetooth is configured,
it gives off location parameters."
The other hole in mobile data protection lies in backup.
Whether one backs up once a day or on a regular hourly basis,
there is still a window where no back up is occurring and
data can be lost inadvertently in a mishap or a hardware breakdown,
explained Thomas Lynch, CA's worldwide partner program told
echannelline.
To solve this anomaly companies like CA and Veritas have
come out with backup solutions containing continuous data
protection features, Lynch explained.
In CDP, all data is backed up on a continuous basis whenever
a change is made to a document, whether it occurs on a PC
in the company or at a remote site on a mobile device.
A simpler description by Marc Staimer in SearchStorage.com
is that a CDP solution system essentially takes "storage
snapshots" of every data modification and stores it in
an "electronic journal."
CDP is a term that one will increasingly hear from storage
specialists over the next 12 to 18 months, stated Lynch.
"CDP implies a whole bunch of parameters -- email archiving,
file virtualization and hierarchical storage management."
Continuous data protection is not a new technology, but it
has only become feasible with the availability of high-capacity
and low-cost disk drives, explained Shiau.
Shiau also points to another tool for mobile protection coming
down the pipe from the major vendors. Whatever information
residing on the laptop hard drive can be automatically erased
if the device has been stolen or gone missing.
"After three failed access times, the devices will immediately
wipe off the data," said Shiau.
Quoting FBI estimates in the U.S. security specialist Peter
Firstbrook notes that at least 50 per cent of network penetration
is the result of stolen laptops.
That is why Firstbrook, Gartner's research director for information
security and privacy, sees encrypted software solutions for
laptops as one solution for mobile protection. They can range
from file encryption to full disk encryption (the latter encompassing
everything on the drive including the operating system).
Some users may prefer to have layered encryption that allows
restricted access to files to certain individuals within the
organization. Firstbrook describes encryption for laptops
as "emerging" technology, largely used in the security
conscious sectors such as finance, healthcare and the public
sector. "I would say that 80 per cent of [organizations]
are not using an encryption solution."
He blames the high cost of encryption - ranging from $50
to $100 a device - as the main reason why it is still not
a mainstream product. (although here Shiau suggests prices
will be coming down this year as encryption becomes more mass
market for mobile devices).
The other outstanding issue, adds Firstbrook, is that most
organizations haven't even classified their data in terms
of what should be encrypted.
Vista, the next generation of Windows will have its own full
disk encryption feature, he noted. However, the industry is
largely made up of a "hodge podge" of players. "There
are not any big leaders out there "evangelizing the need,"
Firstbrook added.
|
