usage policy business analyst and technical writer


 Home  Who We Help  Services  Approach  Case Studies  Resources  Contacts  About Us

WITH CARE, PORTABLE DEVICES CARRY ACCEPTABLE RISK

The news stories and resulting public attention around the Research in Motion versus NTP patent dispute show how dependent we have become on portable computing devices. There was widespread fear that RIM would have to shut down its email service leaving millions of customers stranded. Luckily, the companies have settled out of court so we can all sleep better at night. Or can we?

Having your mobile communication service shut down is not the main thing you should be worried about. Damage, loss and theft of mobile devices are far more common and complex.

The cost of replacing a lost or destroyed mobile phone, PDA or laptop PC is often far less than the value of the information it contains. In addition, privacy laws and regulations such as HIPAA and SarbOx may result in serious consequences and fines when corporate information is mishandled.

Today's business world is a mobile one. The days of sitting behind a desk all day are gone for most of us, as are the days of the tightly defined network defense perimeter. We need the ability to go anywhere and access anything. The possible loss of mobile devices is an acceptable risk.

Here are some things you can do to mitigate the risks and minimize the resulting inconvenience.

Start by educating staff members about the risks. Many mobile device losses or thefts occur in airports, lounges and taxi cabs. Increased awareness about the risks in these areas can prevent many mishaps that result from simple carelessness.

Inform your employees that the physical security of their devices and the data they contain is their responsibility. This includes passwords, encryption keys, digital certificates and security tokens.

Anyone who has an expensive and sought-after device should be discreet. Don't flaunt the fact that you have the best and most expensive PDA on the market. You'll attract opportunists looking for a new toy and professional thieves looking for a big payday.

Next, prepare for the inevitable. No amount of training will eliminate all the risks. Some devices will be lost, stolen or damaged no matter what you do.

Here is a list of preemptive actions to improve the odds of getting the device back and to make it difficult for anyone to use the information it contains:

Another form of theft that is no less dangerous is virtual theft. This happens when someone obtains access to your device without your knowledge or consent and copies files. Devices that support WiFi and/or Bluetooth are at increased risk.

WiFi can be configured for "ad hoc networking" which allows any two WiFi devices to communicate. Neither device needs to be connected to a network. Bluetooth devices will connect to any other Bluetooth device by default.

These communication facilities should be turned off when not in use to prevent malicious connections. In addition, any shared resources such as folders or peripherals should be protected by passwords to prevent random sharing.

Lastly, be sure you have an up-to-date backup of the information on the device. Replacing a piece of hardware is easy and cheap compared to the cost of re-creating its contents.



Vin D'Amico is Founder and President of DAMICON, your ADJUNCT CIO™. He is an expert in IT Business Continuity Planning, Network Security Policies, and Freelance Writing focused on white papers, case studies, and handbooks. DAMICON services firms worldwide.

This article appeared in Vin's monthly Virtual Business column for the IndUS Business Journal in April 2006.



To learn more about how DAMICON can help your business, please take a look at our service programs.

















Virtual Business

Virtual Business

This column appears monthly in the IndUS Business Journal.