Tools for securing mobile drives


Kevin Beaver, CISSP
01.23.2006
We hear a lot about the security risks associated with mobile drives -- such as laptop hard drives and USB drives -- and there's certainly no lack of written policies on the subject. But how can you turn your words into actions and actually make your mobile drives secure?

Encryption is key
The first essential element for protecting information on mobile drives and setting your users up for success is to employ encryption. Yep -- the tried and true security "solution" that has failed us so many times in the past actually works very well in this situation. By encryption, I'm referring to encrypting whole disks and/or volumes -- that is, entire C: drives or entire USB drives, for example. This offers the ultimate in security. Once the lost or stolen system is powered off, hibernated or (as in the case of PDAs and smartphones) has been idle for a certain period of time, the person who found (or stole) the system will be stuck at a login prompt. Just what the doctor ordered.

There is another popular way to go about encrypting sensitive information on mobile drives. You can encrypt certain portions of your mobile drives by creating encrypted "partitions" -- something that has worked well for me in the past. However, security is much weaker here because you're depending on your users to store all sensitive information on that partition -- a major no-no.

As if user carelessness is not enough, operating systems and applications often save (and don't clean up) files in areas such as temp directories and application directories, leaving the information exposed. If a mobile device is lost or stolen, the chances are good that someone can gain access to sensitive information strewn across the drive. Therefore, whole-drive encryption is the best way to go.
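On a system that relies on an encrypted partition, the exposure described above can be measured by looking for copies of protected files that sit outside the encrypted volume. The following Python sketch is an added example, not part of the original tip or of any product named in it; the directory names and file contents are constructed, and it detects byte-identical copies only.

```python
import hashlib
import os
import tempfile
from pathlib import Path

def sha256_of(path):
    """Hash a file in chunks so large files do not load into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def iter_files(root):
    """Yield regular files under root; symlinks are not followed."""
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            p = Path(dirpath) / name
            if p.is_file() and not p.is_symlink():
                yield p

def find_plaintext_copies(protected_root, scan_roots):
    """Map each file outside protected_root to the protected file it duplicates."""
    protected_root = Path(protected_root).resolve()
    known = {(p.stat().st_size, sha256_of(p)): p
             for p in iter_files(protected_root) if p.stat().st_size > 0}
    sizes = {size for size, _digest in known}
    leaks = {}
    for root in scan_roots:
        for p in iter_files(Path(root).resolve()):
            if protected_root in p.parents:
                continue  # inside the encrypted volume: expected
            try:
                size = p.stat().st_size
                key = (size, sha256_of(p)) if size in sizes else None
            except OSError:
                continue  # locked or unreadable file: skip it
            if key in known:
                leaks[p] = known[key]
    return leaks

def demo():
    """Constructed layout: one protected file, one stray copy in a temp directory."""
    with tempfile.TemporaryDirectory() as d:
        base = Path(d).resolve()
        vault, temp = base / "encrypted_volume", base / "Temp"
        vault.mkdir(); temp.mkdir()
        secret = b"constructed sample: name,salary\n"
        (vault / "payroll.csv").write_bytes(secret)
        (temp / "~payroll.tmp").write_bytes(secret)   # leftover working copy
        (temp / "notes.txt").write_bytes(b"unrelated")
        leaks = find_plaintext_copies(vault, [base])
        return sorted(p.relative_to(base).as_posix() for p in leaks)
```

Temp files that applications rewrite in another format will not match by hash, so a clean result here does not show that nothing has leaked.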

Encryption products
There are various products available to help you with encrypting your mobile drives. My favorite is PGP Corp.'s relatively new Whole Disk Encryption, which has worked flawlessly for me thus far. I encourage you to check out the other options as well, such as Utimaco Safeware AG's SafeGuard Easy and GuardianEdge Technology's Encryption Plus Hard Disk. Seagate is even offering Full Disk Encryption (FDE) technology on its notebook drives, which encrypts information at the hardware level. Pretty nifty.

There are also vendor-supplied encryption products such as Microsoft Windows' Encrypting File System, but I'm not a big fan. For starters, you must rely on your users to store all sensitive information in their encrypted folders. There are also known technology weaknesses, configuration and administration complexities, and for the truly paranoid, there's the trust factor associated with vendor-supplied encryption products. Having said this, if you're a Windows shop, you'll be pleased to know that Microsoft is including a volume encryption technology called BitLocker in the forthcoming Windows Vista…certainly worth considering when it comes out.

Also essential: Backups
The second essential element for keeping your data intact is to ensure you've got good backups. A tried and true method for backing up mobile drives is to integrate your backups into an existing backup system (i.e., tape) by installing client backup software, performing an initial full backup and then performing ongoing full backups once a month or so and incremental or differential backups once a week, or whatever works best.

An approach that I like even better is to implement a disk-to-disk backup product such as Acronis Inc.'s True Image Corporate Workstation. The low price of hard drive storage, combined with Gigabit Ethernet and the ability to run while Windows is loaded, makes drive backups much less painful and inconvenient. In addition, you get a great benefit on the back end because you can "mount" the backup images as a local drive to retrieve a lost file or directory and can even restore the entire drive image to a known good state.

While you're tuned into the subject of securing your mobile drives, don't forget about your PDAs and smartphones, as they often house sensitive information your organization might not be able to afford to lose either. Companies such as PDA Defense and Pointsec Mobile Technologies offer dependable products. There's also an open source product called Keyring for Palm OS. Encourage your users to sync their devices on a consistent basis as well in the event of lost data. Also, you may wish to look past laptops and other mobile devices and consider encrypting the hard drives of desktops and servers that house sensitive information if there's any chance of physical theft.

Furthermore, the last thing you and your team need to be working on is managing cumbersome backup jobs, restoring individual files from tape and other time-wasting tasks.


About the author:
Kevin Beaver is an independent information security consultant, author, and speaker with Atlanta-based Principle Logic, LLC. He has more than 18 years of experience in IT and specializes in performing information security assessments. Kevin has written five books including Hacking For Dummies (Wiley), Hacking Wireless Networks For Dummies, and The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He can be reached at kbeaver@principlelogic.com.

This article originally appeared on SearchStorage.com.
