If you’ve felt that protecting your network is like trying to secure a moving target, you’re right, especially now that the corporate network extends beyond PCs to many mobile devices such as laptops, BlackBerrys, iPhones, iPads, etc. Organizations with mobile workforces are increasingly concerned about lost and stolen devices because of the growing amount of data stored on a typical smartphone or other mobile device. In addition, organizations that deal with financial data, healthcare information, or personal identification have to comply with several regulatory requirements (such as HIPAA, GISRA, and SEC) for adequately protecting data, wherever it is stored. The need for mobile device security is greater than ever before, and this issue raises two important questions: first, what security technology is available for encrypting and password protecting sensitive data accessed by mobile devices, and second, what steps must be taken to maintain control of sensitive information stored on those devices?
For laptops, readily available encryption software programs can create a virtual drive wherein sensitive data files and programs are automatically encrypted. There are many encryption software programs available at many price points. When choosing among vendors of removable media encryption software, organizations should consider whether the encryption algorithms have been validated (for assurance that the product will protect their files) and then decide on a product that fits their needs. File encryption and decryption in a virtual drive should be transparent to users. There should be no degradation of speed when accessing these encrypted files: they’re seamlessly encrypted and decrypted in the virtual drive, and whenever the user leaves the computer, access to these files is locked.
For mobile terminals, security client software can be loaded onto the device; a service that can remotely lock a handset, erase its data, or locate it is the ideal technology, but it can be expensive. These types of mobile device management platforms are primarily used within large enterprises, while midmarket enterprises typically use managed security services, as wireless carriers increasingly offer security services to their customers. Of course, there's no cost to apply common-sense security measures such as making sure each mobile device has a password and will auto-lock after periods of inactivity.
For mixed smartphone environments (including BlackBerrys, iPhones, or even iPads), management capabilities can vary greatly from device to device, but you can enforce PC-level security and data management by:
• Connecting devices to the network via a VPN
• Accessing the company desktop remotely via Citrix Receiver software
• Utilizing Exchange Server 2003 or 2007 for email: Exchange and ActiveSync provide many administrative benefits and the ability to remotely wipe devices of all data and settings
Specifically for iPhones and iPads, there is an enterprise configuration utility to deploy passcode policies and remotely configure VPN, email, and wireless network settings and install certificates and device restrictions. Since iTunes is used to sync or update iPhones and iPads, Apple has now provided customization abilities that restrict or disable services like shared media libraries and enable controlled access to software updates.
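As an added example (not from the original article or from Apple), the script below audits the passcode and auto-lock settings in an unsigned configuration profile of the kind the enterprise configuration utility exports. The baseline thresholds, the helper names `build_profile` and `audit_profile`, and the sample profile are assumptions constructed for illustration.

```python
import plistlib

# PayloadType of the passcode policy payload in an iOS configuration profile.
PASSCODE_PAYLOAD = "com.apple.mobiledevice.passwordpolicy"

# Assumed baseline, not from the article: adjust to your own policy.
BASELINE = {"min_length": 6, "max_inactivity_minutes": 5}


def build_profile(passcode_settings=None):
    """Build a constructed, unsigned profile (bytes) for the demo below."""
    content = []
    if passcode_settings is not None:
        content.append({"PayloadType": PASSCODE_PAYLOAD, "PayloadVersion": 1,
                        "PayloadIdentifier": "com.example.profile.passcode",
                        **passcode_settings})
    return plistlib.dumps({"PayloadType": "Configuration", "PayloadVersion": 1,
                           "PayloadIdentifier": "com.example.profile",
                           "PayloadContent": content})


def audit_profile(raw, baseline=BASELINE):
    """Return a list of findings for the passcode settings in a profile."""
    profile = plistlib.loads(raw)
    content = profile.get("PayloadContent", [])
    payloads = [p for p in content
                if isinstance(p, dict) and p.get("PayloadType") == PASSCODE_PAYLOAD]
    if not payloads:
        return ["no passcode payload: the profile does not enforce a passcode"]
    findings = []
    for p in payloads:
        if not p.get("forcePIN", False):
            findings.append("forcePIN is off: a passcode is not required")
        if p.get("minLength", 0) < baseline["min_length"]:
            findings.append(f"minLength {p.get('minLength', 0)} is below {baseline['min_length']}")
        idle = p.get("maxInactivity")  # minutes of idle time before auto-lock
        if idle is None or idle > baseline["max_inactivity_minutes"]:
            findings.append(f"maxInactivity {idle} exceeds {baseline['max_inactivity_minutes']} minutes")
        if p.get("allowSimple", True):
            findings.append("allowSimple is on: repeating or sequential passcodes are accepted")
    return findings


if __name__ == "__main__":
    weak = build_profile({"forcePIN": True, "minLength": 4, "maxInactivity": 15})
    for finding in audit_profile(weak):
        print("FINDING:", finding)
```

Signed profiles are wrapped in a CMS envelope and must be unwrapped before `plistlib` can parse them.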
Crucial steps can also be taken to develop a security policy and procedures that cover portable and removable media devices as well. Such policies help ensure that all employees are on the same page with regard to handling confidential company information and equipment.