Mobile device encryption
08.07.2020Back to blog list
Mobile Device Security
In recent years, mobile device use has gone through the roof, with smartphones an even more popular choice than laptops. Businesses realized the important role they play as long ago as 2004, thus giving rise to mobile device management, a set of tools and practices that allow administrators to manage devices, apps, and increase device security. In spite of the mobility and difficulty in tracking down all of these devices – smartphones, tablets, wearables, and the IoT, devices can now be accounted for and controlled simultaneously from a distance, including software updates, compliance administration, risk mitigation, and user settings management. These devices’ security is strengthened by complex passwords, clear and enforced policies, biometrics, mobile device encryption, and the avoidance of apps and public networks. MDM even enables employee smart phones to be remotely checked for certain unrecognized or unpermitted apps and allow deactivation of certain phone functions depending on how remote the device’s location is. Once the device leaves a certain radius, the user is issued a warning. Beyond that point, the MDM can wipe the entire device. This is an excellent means of protection against data leakage and surprising as it may be, only 45% of companies say they have an encryption policy in place for their most important data.
How to Encrypt Files and External Drives
Another measure for providing security as well as backing up information is external storage devices. An external hard drive greatly expands the amount of space that a company can save data on. In addition to the old-fashioned CDs and DVDs, companies can choose from a USB flash drive, external memory card, or encrypted cloud storage. Unfortunately, files are not automatically encrypted and can easily be compromised if an outsider should gain the credentials of one a company’s employees. However, Windows Bitlocker and MacIntosh’s FileVault can easily be enabled to encrypt data. Furthermore, other encryption software like VeraCrypt add an entire additional layer on the outside of operating systems and media, which will enable the user to process two different passwords to sign into their account. In addition, a smorgasbord of freeware and other selections, McAfee also offers end to end encryption, in which case both the sender and the recipient will possess the key to both encrypt and decrypt data transfer.
Data at Rest and Data in Transit Encryption
This is important because although data in transit is normally thought of as cyber criminals’ main target, data at rest are equally sought after, since it is usually more valuable. For this reason, the more rigid access is, the better. A flash drive, CD, or external drive should also be encrypted and require an additional password. In the same vein, anti-virus software is best complimented by endpoint security. In end to end data encryption, the keys used to encrypt the messages are only stored at the endpoints, using public key encryption.