GCN Hot Topics:

Portable security through firmware

Intel�s vPro softly hardens mobile PCs and handhelds

More on this topic

Mobile applications:
A 360-degree report

This package is part of an 1105 Government Information Group 360-degree report on mobile applications. For full coverage, click here.

In its May 19 issue, Federal Computer Week focuses on the challenges of complying with the government’s policy on safeguarding data on mobile computing devices and, in a separate story, explores the question of how smart leaders should use smart phones.

In its May 26 issue, Washington Technology examines the robust opportunities for systems integrators and technology companies in the realms of public safety, homeland security and defense, and it provides specific examples in key areas.

Also in this report

Mobile applications gain ground

For security-conscious agencies and departments, the greatest strength of portable devices is also their greatest vulnerability: portability. A device that can be carried around is more likely to be lost or stolen.

Vendors have come up with an array of tools to help protect portable devices — from wire cables to keep thieves from walking off with unattended computers to encryption for drives that requires authentication to access the data.

There are a variety of other strategies to protect portable devices.

Absolute Software, for example, has a service called Computrace that helps owners track lost computers via the Internet. Some management programs allow systems administrators to inventory software to ensure that security software is installed and enabled on all devices connected to the network. And some vendors have software, either in operating systems or as an add-on programs, that lets administrators set policies regarding things such as whether users can attach peripherals to a computer.

Getting there first

The major drawback to all of these solutions — with the exception of the wire cable — is that they involve software. Hackers and thieves are often able to find ways to defeat the security measures by accessing the system before or during the boot-up process, before the security software kicks in.

And many of the security measures require the participation and cooperation of users, which can be a problem.

“Eighty-five percent of the issues related to laptops and data theft are there predominantly because of ignorant users who don’t know how to manage data, who don’t know what they need to do with their machines, who assume that things are naturally safe and secure,” said Mark Margevicius, an analyst at the Gartner Group. “Good education programs and policies about when and where you should be using these devices would really help in eliminating much of the risk associated with portable data.”

The next major step in securing portable devices is to move these protective measures into firmware — software embedded in the hardware — where it is more difficult to circumvent and where IT staff can more easily manage them without requiring user attention.

« Previous12 3 4 Next »


GCN.com	Latest News	FCW.com

Government Computer News