Last Mile Data Security
Posted by Ralph D'Altilia on Mon, Nov 21, 2011 @ 02:09 AM
Every enterprise and executive today is concerned about protecting sensitive corporate data whether it is on centralized servers,desktops ,thin clients or on distributed mobile devices. Everyone in business now realizes all electronic devices are vulnerable and when sensitive data is compromised the price an enterprise pays is very high in legal liabilities and government penalties for not being in compliance. This vulnerability and liability are the reasons the computer security industry is prospering and billions of dollars are being spent every year by enterprises on a broad spectrum of security solutions to try and stop the compromise of corporate data.
One lesson that business and the security industry has learned is there is no single “lock” to guarantee data is secure.Computer security demands a “layered approach” to protect sensitive data and ensure compliance with new and stringent government laws.Today enterprises use Anti-Virus ,Spyware ,Anti-theft, Single Sign On ,hardware and software hard disk encryption ,Data Leakage etc.in numerous combinations in an attempt to better protect their networks and computers from compromise. In the end however when a portable device is stolen or lost the only last line of defense to protect sensitive corporate data is to turn the portable device into a brick so it is rendered useless.
There are several “last mile” anti-theft/poison pill approaches to disable and render a portable device useless .One approach is software based , the other is hardware centric and the third is either through hardware or software with the ability not only to disable the device ,but to ensure the data on the hard drive of the device is encrypted.The hardware approach makes the anti-theft solution tamper proof where software however remote is vulnerable to hackers.Adding data encryption capability for the hard drive on the device to a “last mile” hardware centric poison pill ensures that the compromised mobile device cannot access your networks and servers and the data on the drive cannot be transferred to another device.
There are no absolutes when you are deciding on what security techniques you are going to layer into your networks and electronic devices to protect corporate data at rest or in motion.Arguments can be made for many different ways to secure information and devices every day ,but when the portable device is stolen or lost you must have a “last mile” poison pill solution to turn the portable device and its storage into a useless brick.