Feeds

Danger, Will Robinson! Beware the hidden perils of BYOD

And we're so nice, we're telling you how to dodge them

Designing a Defense for Mobile Applications

When I first became involved with networked PCs, the company I was working with was upgrading its NetWare 2.0a installation to 2.15. We were pushing the boundaries of networking with our three-way gateway connecting Ethernet, Token Ring and PCnet.

The only local storage on all but the most high-end PCs was a floppy drive, and even if you took data offsite you probably didn't have anything at home that you could read it on.

Now it is the opposite. Far from being confined to the office, we are actively encouraged to read and create data while out on the road, working from home, sitting in a client's office, waiting at the airport or speeding through the countryside on a train.

Making and using data wherever we are brings massive productivity boosts, but, as always with technology, this silver lining has a cloud.

If you take data out of the office, there is a chance that you will lose it. In fact, according to the stats on the Metropolitan Police's website, up to 10,000 phones are stolen in London each month.

Losing an expensive device is annoying enough, but placing the data it holds at risk of being seen by others can be legally or financially ruinous. Protecting the data on your users' devices is absolutely critical.

Lock the laptops

Where a user's primary point of contact with data is a desktop PC or thin client the risk is minimal and there is little you really need to worry about aside from locking the door at night. As soon as you give the user a laptop, though, you will want to protect it against loss.

Happily, if you are a user of the business-centric editions of Windows 7 or 8 you have the option of using BitLocker to encrypt the entire disk, and there are dozens of third-party equivalents if BitLocker's not available on your setup.

Of course, while no encryption technology is entirely secure, making the effort to encrypt your data will protect against all but the most persistent thief.

The same applies to USB memory sticks. There is really no excuse for not using encrypted sticks to carry important data as the range is almost infinite and they cost next to nothing.

The only issue with them is that they often use an on-board encryption application that runs when you insert the stick into your desktop or laptop, so if you are not a Windows user you need to be sure that the on-board app supports your Mac, Linux machine or whatever.

Sweet BlackBerry

More portable and easier to lose than the average laptop, mobile phones bring a new level of risk to taking data offsite.

The approach devised by RIM, the makers of the BlackBerry range, was innovative: tie the devices into the enterprise using secure data links and a central management server (the BlackBerry Enterprise Server), which has total control over every device it knows about.

You can force the user to use a password as basic protection in case someone inadvertently picks the device up, and if someone walks off with it you can disable and wipe it remotely via the enterprise server.

Web browsing can be forced to go through the corporate network too, which means you can apply filtering rules just as when the user is on the office network.

When RIM came up with its own tablet, the PlayBook, it was particularly cunning in the way it dealt with confidential information.

As the device is intended as something of an iPad-basher it has the ability to work autonomously for web browsing and the like, but if you want to read your email or other confidential corporate stuff you have to pair it with your BlackBerry handset as a pretty (but dumb) window.

If it can't see the BlackBerry, you can't use it to read your mail. Sneaky but clever.

The Power of One eBook: Top reasons to choose HP BladeSystem

More from The Register

next story
Apple fanbois SCREAM as update BRICKS their Macbook Airs
Ragegasm spills over as firmware upgrade kills machines
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Attack of the clones: Oracle's latest Red Hat Linux lookalike arrives
Oracle's Linux boss says Larry's Linux isn't just for Oracle apps anymore
THUD! WD plonks down SIX TERABYTE 'consumer NAS' fatboy
Now that's a LOT of porn or pirated movies. Or, you know, other consumer stuff
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.