'One of our laptops is missing'

These are words no IT manager ever wants to hear. Beyond the embarrassment, there is the danger of seriously bad publicity, damage to brand equity and legal liability. It is possible that losing even a single mobile computer loaded with sensitive information can kill an otherwise thriving business.

The good news is that current technologies and best practices can lower the risk dramatically when mobile computers are lost or stolen.

The first step is to recognize that a lost or stolen mobile device is a data management problem, not a physical-asset inventory problem. A laptop or any other computer is just a container. It's the information on the machine that can hurt you if it falls into the wrong hands. Mitigating the risks involves proactively managing and protecting sensitive information from unauthorized access or disclosure before that asset goes missing.

IT managers traditionally have faced three hurdles in protecting sensitive information on fixed and mobile devices.

-- Lack of real-time visibility into the configurations and kinds of information on individual assets. The majority of organizations don't have the foggiest idea about what information is on these devices, much less how well it is protected. This means that anytime a mobile device disappears, IT managers have to assume the worst and warn stakeholders of the maximum potential harm.

-- Inability to set and enforce information management policies for individual assets. There are a number of actions managers should take to protect information on mobile assets. These include encrypting data; building in strong user-access controls; blocking data transfer from secure to nonsecure devices (such as USB drives); and keeping antivirus, antispyware and anti-intrusion software up to date.

-- Inability to manage information on assets intermittently connected to enterprise networks, that is, laptops and other mobile computers. Too many management tools have a blind spot when it comes to mobile systems. Either they ignore such systems entirely or access them only when hard-connected to enterprise networks. Needless to say, there is ample opportunity for roaming mobile systems to drift out of policy compliance.

Overcoming these hurdles at first sounds like a tall order, but technologies exist that enable effective, proactive protection of sensitive information on mobile devices. In particular, technologies combining agent-based client management, real-time reporting of client configuration and state, and ability to manage devices anytime they can "phone home" to the enterprise, offer the preconditions for building a proactive approach to reducing mobile-computer data-leak threats.

So, what happens when a mobile computer managed through these methods goes missing? First, managers will have a good idea of the kind of information it contained and the extent of the threat the loss represents to enterprise operations and company reputation.

Second, managers will be able to report to their bosses and the public that any sensitive information on the missing computer has been protected with state-of-the-art measures.

Finally, in the event it might log on to the Internet after it goes missing, a machine can be preprogrammed to identify itself automatically to managers and subject itself to actions that range from wiping clean all data on a disk or otherwise rendering itself inoperable. Here, however, managers should be aware that not all machines log on to the Internet and, as noted earlier, thieves can access the hard disk directly to explore it for data.

The best way to reduce business risks from wayward mobile computers is to focus on preempting the problem with effective management of sensitive data. While accomplishing this ideal sounds daunting, commercially available solutions can bring this vision close to reality.

Williams is CTO at BigFix.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Amrit Williams

Network World
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?