Reading the news reports and blog posts over the last several weeks regarding the threat posed by the loss or theft of smart phones poses a dilemma for just about every company that deals with confidential data – in other words all of us! A report released in October by Forrester Research predicts that by 2015 companies will have more mobile devices (smart phones, iPads and other non-tablet devices) than traditional computers on their corporate networks. Considering that thousands of mobile devices are lost or stolen each month companies need to understand the issue of exposing confidential information. Manufacturers, such as Research in Motion (RIM) and Apple, have long employed the ability to remotely kill a lost cell phone or application that may cause issues on the device. So you think that you have all the bases covered – think again!
Information security departments need to adjust to the new threat landscape, where managing the vulnerabilities inside the company is less about plugging software holes and more about protecting data, says Chenxi Wang, Vice President and principal analyst at Forrester. Consider for a moment when someone sends a classified document to a colleague with a privately owned cell phone or iPad. Without proper security the file may be accessible to anyone who gains access to the device. Even more troubling is the ability to forward an unprotected file to any number of people – either intentionally or by mistake.
So how do you protect your company’s confidential data without becoming overly restrictive? Consider implementing a “remote kill switch” for confidential files. Persistent policy security requires the file to “call home” each time it is opened. If the policy is removed or changed, the file is not accessible. Files may be restricted to specific mobile devices so that if they are deliberately or unintentionally sent to someone through email, the file cannot be opened. With one revoke access command files can be totally disabled!
With the release of millions of confidential US State Department and US Military documents to Wikileaks you have to ask the question, “Why doesn’t the US Government have “remote kill switches” for these TOP SECRET documents?” At some point they may figure this out!
Photo credit chrischappelear