Stop! There Goes My Phone!Stop! There Goes My Phone!
Users are loading smartphones with sensitive data, whether you want them to or not. Here's how to stay secure.
February 7, 2008
While the number of point products aimed at addressing your business' mobile security issues can seem overwhelming, there are many established players in this field. To get a feel for what these suites can do, we took a few offerings for a spin in our lab. Trust Digital, which partners with GuardianEdge--certified by the General Services Administration Data At Rest Tiger Team for laptop security--and has won several government and private-sector contracts, sent us its latest smartphone security client, and Trend Micro sent a copy of its forthcoming mobile security suite.
Both Trust Digital's Smartphone Security Management Software and Trend Micro's Mobile Security 5.0 armed us with a variety of methods to secure our mobile devices. The most interesting feature is SSMS's trusted applications model. Rather than a simple whitelist or blacklist to define what can or can't be run on an application, Trust Digital can determine which applications may work with certain data types. For example, we could specify that only Microsoft Word could access Word documents. This can be useful in protecting against malware. One of the main differentiators between Trust Digital and Trend Micro is that TMMS 5.0 is managed from the same console as Trend Micro's desktop security product.
We liked both Trend Micro's and Trust Digital's encryption models. Enterprises can define encryption keys that are limited to an individual device or on a group basis, so data can be shared. The only problem is that only one policy can be enforced per device, so a user can't have her onboard memory encrypted with a unique encryption key, say, while an SD card is encrypted with a shared key so it can be passed to other users. Trend Micro and Trust Digital also include table-stakes features such as hardware lockdown and remote wipe. Trust Digital throws in software distribution capabilities, but, as it's a security-focused product, it lacks some of the advanced inventory and reporting features found in the mobile device management systems we reviewed back in April (see Analysis: Mobile Device Management ).
About the Author(s)
You May Also Like
Perspectives on Security for the Board - 3rd Edition
The Forrester Wave™: Vulnerability Risk Management, Q3 2023
Cloud Security Maturity Model: Vision, Path, Execution
Responsible data use: Navigating privacy in the information lifecycle
Checklist: Top 6 Considerations to Optimize Your Digital Acceleration Security Spend