member sign-in
Forgot password? Create new account Close

Mobile Data protection

Definition

Mobile Data Protection is the technology that enforces data privacy policies by managing data encryption on the primary storage system of workstation data storage platforms, from hard drives, solid-state disks, and removable media used in conjunction with workstations and smartphones and consists of a central console, an active endpoint agent for the target device, and an offline/stand-alone agent for removable media.

The technology is called mobile data protection because the primary buying decision has always centered on portable devices that cannot rely on traditional physical security but the technology has value on non-mobile systems, such as desktops and servers. Mobile Data Protection products are capable of providing all encryption/decryption processes in memory as a service to the OS.  Encryption may be invoked at the level of individual files, as is common on small mobile devices, or at the folder, partition, or full disk for larger systems. Users must answer a login challenge to gain access to data starting from a simple PIN to a complex password, token or smart card, etc.

User Benefits

  • Protect a broad range of data on all devices - Provide consistent protection for data on desktops, laptops, mobile devices, removable media and portable storage devices; secure a broad range of information including customer data, intellectual property, legal and financial records, and employee records.
  • Simplify security management - Implement and enforce company-wide security policies that control data encryption and user authentication—all from a central console; support compliance with internal and external security regulations.
  • Keep employees productive - Maintain operational efficiency with transparent encryption and decryption that causes virtually no interruption to users or system performance; allow users to access, store, share and transfer data safely.
  • Integrate with existing infrastructure -Integrate and synchronize with Active Directory, LDAP, PKI, and others; support all Windows operating systems and common languages.

Business Impact

There are four categories of potential costs incurred by organizations when computing equipment, with corporate information, is lost or stolen. These costs include replacement, recovery, impact, and brand image. Some of these costs are straightforward, such as the price of a computer or software. Others may vary by industry, pertinent regulations, and associated penalties, and other competitive market conditions.

Encryption is an essential tool for protecting data confidentiality and integrity and to minimize costs associated with information lost or stolen.


Products supporting this technology

Gemalto McAfee

Encryption is a security technology used to protect the confidentiality, integrity, and availability of information stored on or transmitted. Encryption solutions automatically modify digital files and make them unreadable to unauthorized users. The software allows authorized users to automatically decrypt files for use with appropriate applications and is transparent to users.

Using the encryption is important for the modern enterprise. In the early days of computing, digital resources were under an organization’s strict control. When the Internet did not exist the transfer of digital files to computers outside an organization’s without control did not happened. Today, digital information can go anywhere easily. Previously, most security precautions have focused on preventing hackers and criminals from accessing sensitive computing resources via the network perimeter or endpoints. Now enterprises must also address the risk of losing portable devices containing sensitive data.

Surveys indicate that up to 80 percent of information theft results from lost or stolen equipment. Every laptop, PC, personal digital assistant (PDA), portable music player, flash memory stick, external hard drive, smartphone, or any other mobile device that can store data is a potential weak point. It is impossible to always control who has possession of or transfers confidential files onto mobile devices. But, access to that information can always be controlled - with encryption.

The number of worldwide mobile workers is increasing continuously and can be around 1 billion until the end of 2011. With more business being conducted outside of a traditional office, the risk for data to be exposed or lost is increasing continuously. More than 2,500 laptops are stolen or lost daily. Companies are also facing increasing challenges protecting their data—whether it is distributed or centralized—as information continues to grow exponentially. Companies need to identify their high-risk records such as personal data, customer data, intellectual property, proprietary information and trade secrets, and manage them for compliance, regulatory or risk purposes.

Data drives business. Whether it's intellectual property, human resources files, financial statements, customer data or even vendor information, data is the one thing that keeps business moving. If company data is destroyed, lost or stolen, business continuity can be severely compromised.

Replacement costs pertain to the physical replacement costs of lost or stolen computing equipment.

The lost or stolen hardware may consist of one element, such as a laptop, computer or smartphone. A common but increasingly dangerous scenario is when an employee or contractor forgets a briefcase in a cab or at some other location and consequently loses multiple company-owned devices. The replacement cost includes licenses to replace the operating system, word processing, spreadsheet, presentation, communication, security, utility, and any other pertinent business software. Encryption does not reduce direct replacement costs of lost or stolen hardware or software.

The IT department will be required to configure a new device or devices to replace the lost or stolen gear. In addition to installation and configuration of software, the device will require restoration of the most recent data backup. The person from whom the equipment was lost or stolen may be unable to perform until is replaced. The effect could be substantial if the stoppage of workflow affects revenue-driven activity.

The critical question for assessing exposure is “Do we know what information is on the lost system?”

The corporate security team willneed to assess the effect of exposure due to the potential release of sensitive corporate information. The effect will grow if the loss or theft includes personally identifiable information of customers—especially if it is subject to regulation and personal privacy laws.

Encryption eliminates most of the requirement for assess­ment because encrypted data cannot be accessed by unauthorized people, so the loss only pertains to the lost equipment and not a company’s brand or intellectual property.

Impact costs pertain largely to compliance with regulations and laws about personally identifiable information that may have been exposed by lost or stolen equipment or breach of a network-attached device containing that information. Many government regulations and laws require companies holding personally identifiable information about customers or individuals to provide safeguards for this type of data. A company responsible for a breach of personally identifiable information may have to pay for personal credit checks and thwart identity theft with ongoing monitoring of credit for customers affected by the disclosure of data.A data breach can trigger extensive new demands on customer support staff responding to phone calls, email, and letters about the incident. Exposure of personally identifiable information can reveal home addresses of employees and customers, which could lead to personal harassment or possible physical harm.

News of lost, stolen, or breached customer data can be driven for the success of the competition. It gives them the ammunition they need.

Encryption eliminates all effects of information loss because it prevents unauthorized people from accessing that data. The value of image is hard to quantify.  It is difficult to anticipate how customers and the public will react to news that a company’s data was lost or stolen. A company’s reputation may suffer in the wake of a data breach. Also, class-action lawsuits and regulatory fines have resulted from the same news.

It is critical for company executives to do everything in their power to ensure that their businesses can recover from any data disaster as quickly as possible—and with as little disruption to the business as possible.

 It has become essential for a company to implement a consistent data protection process that protects centralized, and equally as important, distributed data as business is increasingly conducted in non-traditional locations.

Companies must implement a proven process for distributed data protection. In order to do so, they should follow the process that will help to define, deploy and maintain a strong data protection program.

Organize and determine scope for a successful project- Companies should first look to understand their data; specifically, where it resides and how important each piece is. Then they should identify the processes and responsibilities associated with protecting and recovering that data.

Assess the risks- After companies determine the scope of their data, they should then assess the risks associated with it. Business-critical data should be handled with a higher security level than less important data. Companies should treat different kinds of data according to the value they have to the business, and perform a risk analysis of their entire backup process to identify any potential problems.

Develop a plan for the protection and recovery of data- Companies must also think about how quickly different kinds of data need to be recovered. They need to consider the relative importance of older data, and decide how far back in time they need to be able to recover data. Companies should be mindful of security to ensure that neither the backup nor the recovery process exposes sensitive data to people who shouldn't have access to it. And, of course, companies must document it and be sure to review it with people who have a role in the process.

Implement the program- As part of the rollout, it's important for companies to communicate the plan to everyone who participates in the process. They should also make sure everyone understand why it's important to have a plan and to follow it.

Manage and enforce- Companies should keep their program current, automate whenever possible, and make sure employees are reminded of their responsibilities.

Audit and test the plan- Companies should test the process once it's in place, and use people who are less informed so they're ready to jump in if the expert isn’t around when a disaster hits.

For companies in many industries, information is their most valuable asset. Before employers allow their workers to conduct business from home, they need to consider their data storage and protection policies. As the number of mobile workers continues to increase, it will become even more of a priority for companies to adopt a process for consistent data protection. This will help to ensure that both centralized and distributed data is protected at all times. It will also aid companies in controlling their exponentially growing information, which is increasingly regulated and can be called upon at a moment’s notice.

  • manufacturer