Portable data storage devices such as laptops, thumb drives, Blackberries and iPods are now a permanent part of the corporate data landscape. Sensitive corporate data and intellectual property is residing on these devices, which, if lost, could present a serious liability to companies. Here are some best practices for encrypting data on these devices.

Centralize policy creation and control

Encryption software for mobile devices should support encryption policies that administrators can centrally create and manage to ensure mobile users don't circumvent corporate policies. Centennial Software Ltd.'s Devicewall and GuardianEdge Technologies Inc.'s Device Control and Removable Storage Encryption products can encrypt data and provide centralized encryption policy management for portable storage devices.

Data classification

Encryption software should include a discovery and reporting component so companies can quantify how much, and what, data is stored on portable devices, as well as what the potential risk is if loss or theft occurs. Products from Tablus Inc. and Vontu Inc. identify data being copied to devices and can prevent or audit those activities.

Encryption key creation

Formulate encryption policies that force mobile users to create and use complex encryption keys, or use third-party software that creates and manages the encryption keys for them. Devicewall and GuardianEdge tie into Active Directory, through which companies

    Requires Free Membership to View

can create policies for the creation and management of user encryption keys.

Restrict data storage on new mobile devices

New portable storage devices from digital cameras to iPods are capable of storing hundreds of gigabytes of data in unencrypted formats. Short term, create policies that restrict users from storing data on these devices; longer term, implement products that encrypt data stored to these mobile devices and adhere to corporate encryption key generation and management policies.

This article first appeared in Storage magazine. Click here for the entire article.

This was first published in April 2008

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.