Protecting your business data when you're out on the road

Protecting your business data when you're out on the road
Avoid disaster by protecting your mobile tech

According to London's Metropolitan Police, as many as ten thousand mobile phones are stolen every month. For business employees, losing valuable and even sensitive information through mobile, iPad and Android tablet and laptop theft, can be catastrophic. Fortunately, there are a huge number of practical things that can be done to protect mobile devices.

First of all, mobile phones and computers can be registered at the UK National Property Register which can help police to track stolen goods, and should they be found will speed up their return.

Log your phones unique IMEI number

Secondly, businesses could record the details of their electronic serial numbers (ESNs) and consider taking out separate insurance to cover mobile devices. All mobile phones have an IMEI number which is a unique identifier for the phone. This can be obtained by typing *#06# (star hash 06 hash) into your mobile phone and hitting dial, the phone will then return a unique fifteen-digit number that identifies that phone to the networks. As another line of defence you could also property-mark the phones with the company's postcode and building number, to help police identify the owners should they be found later.

Another popular option for protecting mobile devices is the asset tag, which is an individually-numbered security sticker that you attach to the computer. These are durable aluminium or plastic stickers that bind permanently to the machine, and have a unique barcode or serial number printed on them. This unique identifier enables businesses to build up a database of their assets, and the barcode means you can scan them in and out of the office.

Software to protect your laptop

Laptops should have adequate security software, as is the case with office-based ones. The sky is the limit when it comes to implementing security software, but there is a minimum level of security that any business should have.

This should comprise antivirus software, to catch viruses and Trojan horse programs, anti-spam software to control spam which could contain malicious code or links to hacker web sites, and anti-phishing software to detect financial hacking techniques. The security suite should also have a good firewall to monitor the laptop's Internet connections and prevent hacking attempts.

Connecting to wireless networks securely

As with office computers that use a wireless network, it is essential to use encryption technology to scramble wireless data in transit, and make sure that employees connect only to networks that they know are secure. This is particularly important when accessing public wireless networks in cafes and travel centres. There are ways for hackers to spoof the name of the public Wireless network and to record passwords and usernames as well as take credit card details, and to access other people's information, via the networks.

Businesses that access information remotely might want to set up a virtual private network (VPN) to connect securely with the office. VPNs come in two forms; a software application, or a dedicated hardware appliance. The VPN adds an additional layer of security over the internet allowing you to connect to your home network securely even over a public wireless network. The remote worker tends to access this secure connection using a login name and secure password, but they might also use a hardware security token, which is a little device that generates a unique password every few minutes. (RSA SecurID is one of the more popular hardware token security systems.)

Fingerprint readers and disk encryption

Many notebooks now come with additional security features such as biometric fingerprint recognition, which only let the right person login. Full disk encryption is another option, and this will secure part or all of the information on a computer's hard drive, and render the machine useless to any criminal who tries to steal it. This can either be part of the laptop hardware, at the operating system level – Windows users can encrypt data on their hard drive via the Control Panel, but it's set to off by default, - or it can be installed as an add-on via a software application.

Then there is remote-wipe technology, which lets the business delete all the information on a mobile device by sending a message over the network, and this also resets the mobile phone's settings to the factory defaults. Inexpensive mobile phone tracking services are also available that give businesses the ability to track lost or stolen devices by GPS.

Security best practice

As well as using tools and techniques to keep mobile data secure, mobile workers are also advised to use good security practices when out and about.

So, they should keep their phones and laptops out of sight in a bag when not in use; use their phone's security lock code; and have a secure password to login. If their mobile computer is stolen, they should report it to the police (and the business) immediately, additionally to avoid possible costly phone charges you should inform your mobile service provider as soon as you are aware that a phone is stolen or lost.