Androids, Apples, the Long Distance Wipe and Mobile Computing Security

Statistics from reputable sources are clear: Symantec of anti-virus software fame found that 73% of organisations it contacted saw higher levels of efficiency as a key advantage. Deloitte, the audit firm, has said that 71% of enterprises are already deploying mobile apps. That means opportunity for faster sales reactions, improved productivity and even lower operating costs if employees use their own tablets or smartphones. But it also means greater risk to company data now stored on devices that can more easily be lost or stolen, or that can simply be removed if their owners leave the organisation to work elsewhere. These potential security holes need to be plugged.

One option is the remote wipe function that is now present in many smartphones and tablets. The concept is simple: with a code, you can delete data on the device remotely. Vendors may offer different possibilities for using this ‘mobile kill switch’. For instance, a complete memory reset deletes all data. Selective deletion might remove only company data. Geo-localised deletion wipes the device’s memory clean if it is taken outside a certain perimeter and local deletion is done after login attempts fail more than a predefined number of times.

However, it is also possible to prevent data from being stored in the device in the first place. Enterprise security and file-sharing software can restrict user access to viewing data only. Virtual desktop applications turn the device into a window for viewing data and running applications that are all stored on a central server. No information or associated program is ever held on the device. That still leaves you with the problem of visual data snooping: somebody looking over the user’s shoulder to see what is on the user’s screen. In that case, follow up with an information security awareness campaign and education to help users avoid exposure to such risks.