How do you handle mobile security?

by Volker Weber

Whether you are a Notes or Outlook user, you may have a mobile device that contains data which belongs to your company. How do you protect it? What are you worried about? What kind of policies does your company have regarding its data on mobile devices?

I am putting together a presentation on these things and I would like some real world input. I talk to security people, and each and everyone of them has their own ideas. USB devices are something that can go from completely forbidden to well supported. Some people rely heavily on encryption while others deploy management tools that let you trace or remote wipe devices.

What's your take? Please comment in English or German as you see fit. You can also send me stuff by mail. Please indicate whether that information is confidential, whether you would want to be quoted or not.

Comments

After a recently stolen laptop, I have started using TrueCrypt. My PST files and other potentially sensitive data are now on an encrypted virtual drive protected by a strong password. This is my own initiative, as our IT department does not support any encryption solutions at this time.

Richard Schwartz, 2009-03-11

Ich muss mich zum Glück nur mit einem Minimum an Daten auf meiner lokalen HD rumschlagen, nämlich die, die ich selbst erstelle (Briefe, Präsentationen, usw.) - das macht die Sache ungemein einfach.

Das Notebook ist per TrueCrypt verschlüsselt.
USB Sticks verwende ich in meiner Firma nicht - genau so wenig meine Mitarbeiter. Wir haben funktionierende Mailserver.
Mein Terminplaner ist analog... :)
Die Groupware für Terminplanungen ist anständig gesichert und ohne Kundenspezifische Daten. Nur ein "Beratung / Service / ...." und Ort + Dauer, so dass z.B. ein Mitarbeiter weiß, wann ich für Ihn Zeit hätte ohne warten zu müssen bis er mich ans Telefon bekommt. Das ganze synchronisiert mit meinem iPhone und meinem Handy.

IMHO am wichtigsten: ich lasse die Sachen nicht aus den Augen. Handy im Sacko, Terminplaner und Notebook in meiner Aktentasche, beides an mir, egal wann.

Timo Zimmermann, 2009-03-11

Die IT Abteilung setzt die Richtlinien der internene Sicherheitsgruppe um. Dafür werden den US Behörden Standards Rechnung getragen (wg. US Mutterkonzern).
Das heisst: alle mobilen Geräte sind grundverschlüsselt, bestimmte Dokuente und Informationen dürfen dort dennoch nicht gespeichert werden (Kundennetzdokumentation z.B.).
Ich persönlich habe den .pst File auf dem Fileserver liegen und binde diesen bei bestehender VPN Verbindung ein.

Olaf Baumert, 2009-03-11

I don't really do anything special when it comes to mobile computing. I always lock the screens when away from my computers and leave my computers not unattended when in a public environment, but I don't go as far as using encryption on devices.

Philipp Sury, 2009-03-11

I'm a bit paranoid with regards to theft or loss of my mobile devices. Windows laptop was fully encrypted and secured with SafeBoot while I still had that. For my Mac I use PGP Whole Disk Encryption (WDE), with pre-boot authentication. (Unfortunately, when the Mac is in sleep mode, that doesn't work -- upon wakeup the normal Mac login appears.)

I have a "corporate" BlackBerry (BES), so that is pretty safe, and it can be destroyed remotely. Other phones carry almost no data, except for contacts and calendar; bad enough, but there is pretty little I can do to fix that.

Jan-Piet Mens, 2009-03-11

Ich war auf der cebit etwas überrascht, dass die Businessuser durchgängig den Code-Lock am iPhone aktiviert hatten, die meisten sogar instant-on und teilweise war auch die SMS-Anzeige ausgeschaltet.

Security und Usability schließen sich nicht aus.

Kai Nehm, 2009-03-11

Recent comments

Jochen Kattoll on The Neighbor’s Window :: Oscar Winning Short Film at 22:21
Harald Gärttner on Microsoft Office app on Android and iOS at 15:09
Volker Weber on App-Store-Interna: Apple geht gegen Buchveröffentlichung vor at 14:55
Oliver Stör on App-Store-Interna: Apple geht gegen Buchveröffentlichung vor at 13:42
Volker Weber on Microsoft Office app on Android and iOS at 13:02
Harald Gärttner on Microsoft Office app on Android and iOS at 12:56
Volker Weber on Marshall Monitor II A.N.C. :: Erste Eindrücke at 08:07
Thomas Cloer on Marshall Monitor II A.N.C. :: Erste Eindrücke at 07:57
Matthias Lorz on The Neighbor’s Window :: Oscar Winning Short Film at 12:47
Volker Weber on The Neighbor’s Window :: Oscar Winning Short Film at 11:54
Fabio Peruzzi on The Neighbor’s Window :: Oscar Winning Short Film at 11:48
Fabio Peruzzi on The Neighbor’s Window :: Oscar Winning Short Film at 11:45
Horia Stanescu on The Neighbor’s Window :: Oscar Winning Short Film at 07:04
Martin Funk on The Neighbor’s Window :: Oscar Winning Short Film at 00:00
Sven Bühler on I am not ready for a foldable phone at 22:03
Andreas Imnitzer on The Neighbor’s Window :: Oscar Winning Short Film at 21:48
Roland Dressler on I am not ready for a foldable phone at 15:02
Daniel Seiler on I am not ready for a foldable phone at 13:51
Roland Dressler on I am not ready for a foldable phone at 12:55
Hubert Stettner on I am not ready for a foldable phone at 10:51
Matthias Welling on Tools and Weapons #nowreading at 09:05
Ingo Harpel on You may secretly be a Bing user at 20:01
Amy Blumenfield on Tools and Weapons #nowreading at 19:44
Horia Stanescu on You are famous on Botnet at 12:33
Volker Weber on You are famous on Botnet at 20:17

Ceci n'est pas un blog

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.

vowe

Contact
Publications
Stuff that works
Amazon Wish List
Frequently Asked Questions

rss feed  twitter  amazon

Local time is 07:48

visitors.gif

Paypal vowe