Ensuring Mobile Device Security, Part 4: Internal and External Controls

For IT, maintaining effective mobile security represents a constant endeavor of staying one step ahead of the next threat. Fortunately for our customers across a number of sectors, from transportation and field service to energy and insurance, useful tools and features are available that substantially ease the IT burden, including Mobile Device Management (MDM), BIOS-embedded security, and operating system (OS) protections.

While the previous article in our Mobile Device Security series explored a number approaches to ensure protected access, in this last article we look at useful internal and external controls that IT can employ to ensure a highly secure level for the organization's mobile devices and solutions. These include:

• Mobile Device Management which can enable remote data wipes and theft recovery
• Asset Tracking to provide real-time status updates
• BIOS-Embedded Agents which can extend device monitoring and protection capabilities
• Lock Slot integrated into hardware to help ensure physical device security

When helping our enterprise mobility customers implement security, we regularly emphasize the importance of having an effective MDM strategy in place. MDM provides security flexibility, allowing IT to remotely lock down device functionality, monitor and limit access, track assets, and protect data via remote data wipes. The three stages of MDM are: provisioning, production, and decommissioning. Each stage involves a comprehensive set of procedures to help ensure enterprise mobile adoption goes smoothly and IT policies are set and followed.

Asset Tracking

Integrated with your MDM solution, mobile-based Asset Tracking can provide real-time updates on the location, condition, and physical custody of a particular piece of equipment. For example, a tablet deployed to an engineer to the check status and location of mining drills or other equipment might be inadvertently left at a satellite field office trailer. Using the Asset Tracking feature, IT could locate the lost device and direct the field crew to retrieve it.

BIOS-embedded technologies

This technology consists of two modules. First, a persistence module is actually installed during the device manufacturing process. For example, our Panasonic Toughbook devices and Microsoft Windows- based tablets have BIOS-embedded security from Absolute built-in.

The second module of BIOS embedded security is an application agent which must be installed by a user or IT organization. Using this application agent, IT can pre-set these agents to automatically delete sensitive company data or lock a device if it hasn't connected and reported into a server within a proscribed number of days.

Even if a mobile device has been wiped, the BIO-embedded persistence module can provide forensic evidence for recovery once the application agent has been activated and the device is re-connected to the Internet. This includes turning on Web cams, enabling keystroke logging, and activating GPS for theft recovery.

The effectiveness of this type of security has resulted in some BIOS embedded agents being recognized as Health Insurance Portability and Accountability (HIPAA) and Criminal Justice System (CJS) compliant. Users should check with their vendor for compliance confirmation.

Lock Slot

For many of our customers in industries with a remote workforce, enterprise mobile devices can be susceptible to "smash and grab" theft. While asset tracking and recovery are important features made possible with MDM, our Toughbook and Toughpad devices also offer the ability to physically lock hardware. Built into the design, the integrated, steel-reinforced lock slot enables a cable attachment for securing the device when unattended.

In this series of device security articles, we've addressed key areas to consider for a coherent mobile solution management and security strategy that takes into account business goals and the multiple ways in which mobility can transform an organization without adding unacceptable IT management risks. If you would like additional information or guidance in planning your next deployment of a mobile workforce solution with proper mobile security our Panasonic Mobile Field Engineering & Technology Specialists are available to answer any questions you might have. Contact us: [email protected].

###

Panasonic Toughbook and Toughpad devices are purpose built to meet the environmental, workflow and security needs of enterprise mobility customers. Toughbook and Toughpad mobile computers include various enterprise-level security features enabling its customers to address their data security, access privileges, connectivity security and device security needs. For more information, visit the Panasonic website.