The top 9 ways to secure mobile devices

And while executives may only take laptops with sensitive data out of the office occasionally, they probably will carry their mobile devices with them every day, everywhere. These devices are very vulnerable to loss, ranging from just being left behind on a restaurant table or cab seat to being stolen from a jacket pocket or being snatched with a purse.

Gold suggested that companies need to take a series of steps to mitigate the risk both on laptops and smaller mobile devices:

1. Educate users on the importance of security and ways to avoid the loss of their mobile devices and laptops.
     
2. Be sure password protection is set to "on" for all mobile devices. Most come with some built-in password protection, and higher levels of access security can be added through third-party applications.
     
3. Install a mobile management system that enforces reasonable data security policies on the widest possible range of mobile, wireless devices.
     
4. Determine which files can and cannot be downloaded and by which users, and enforce these rules through any means available, including port locking, protecting the company's most sensitive and regulated data from exposure.
     
5. Encrypt either individual files or the entire contents of the mobile device, depending on the organization's security needs, both for transmission and storage of sensitive information on mobile devices.
     
6. Enforce connection/VPN security standards for all transmissions to mobile devices to ensure transmission security.
     
7. Require active firewall protection and virus protection on all mobile devices and update the firewall and virus protection regularly through downloads from a central server.
     
8. Enable device lockdown and "kill" functions so that, for instance, if a device does not connect to the corporate network for 24 or 48 hours, or if it does attempt to connect after being reported missing, it automatically wipes the data in its memory clean.
     
9. Log device use to access any data defined as sensitive in regulations or otherwise considered sensitive by the organization (for instance, corporate financials, research results and customer data).

At the FOSE conference, Riva Networks Inc. and Trust Digital were showing security offerings for Palm devices. TealLock from TealPoint Software has also become popular for software-level Palm password protection and is available in an enterprise edition with centralized controls for mobile devices.

None of these are total solutions, Gold said, but some protection is a lot better than none.

"I advise my clients to do something soon, within the next 12 months," he warned. "I would advise them to start with an antivirus and personal firewall to protect their devices from viruses that will likely start showing up on the network within that time, and to install at least password locking if not data-level encryption as well on all devices that can access sensitive data."

Gold has published a white paper on the subject of mobile systems security and compliance, available through his Web site and on Computerworld's White Papers section.

Read more about mobile and wireless in Computerworld's Mobile and Wireless Knowledge Center.