Loss and Theft Protection of Enterprise Mobile Devices - dummies

Loss and Theft Protection of Enterprise Mobile Devices

By Rich Campagna, Subbu Iyer, Ashwin Krishnan, Mark Bauhaus

The most fundamental security defense against loss or theft of mobile devices is over-the-air (OTA) disabling. With enterprise-friendly devices like the BlackBerry, this is a breeze, but with most mobile devices, including the iPhone, iPod, iPad, Android-based devices, and others, this is a trickier proposition.

Thankfully, loss and theft protection is a rapidly evolving area, and all the leading device security vendors are rolling out various OTA device-disabling solutions to cater to this security need. Their antitheft solutions can be classified into these three broad categories:

  • Encryption and authentication techniques

  • Immobilizing techniques, including active data obfuscation following the loss of the device

  • Recovery techniques to locate the mobile device

The following sections cover each of these categories in greater detail.

Encryption and authentication techniques

As the name suggests, this technique obfuscates critical data on the device itself using encryption technologies. Extensible memory on the devices, including removable storage, makes the loss of the device quite dangerous. One mechanism that can mitigate this is encrypting the data on these memory cards. Likewise, for onboard memory as well, using strong authentication techniques should be mandatory.

Your users will likely balk at the convoluted multilevel authentication techniques when you try to impose this on them and, worse, will always try to subvert this. You can never completely prevent this, so your best form of defense is education, education, education.

Immobilizing techniques

Here are the two most common immobilizing techniques:

  • Remote lockdown: This technique involves an over-the-air kill message that is issued by the enterprise to the device, which will essentially render the device lifeless.

  • Remote wipe down: This technique involves wiping out the critical device data — contacts, local files, e-mails, SMS, and memory card.

Recovery techniques

These are the most common recovery techniques:

  • Mobile device locator: Most of the modern day devices have a GPS chip built in. Using location software, the ability to track down the mobile device is becoming increasingly practical.

  • SIM snooping: One of the first things that a stolen device is subject to is swapping the SIM out. This provides an insertion point to use a technique called SIM snooping, which surreptitiously sends the newer SIM’s telephone number to the original user, and this key piece of data can be used to locate the user with the carrier’s assistance.

Carriers are getting into the act as well to provide protection against loss and theft. For instance, Verizon Wireless now offers to its customers the Mobile Recovery app.

Verizon Wireless's Mobile Device recovery app.
Verizon Wireless’s Mobile Device recovery app.

If it’s possible to strike up agreements with the key operators that service your locations, you may be able to provide carrier-managed recovery services.