How To Secure Mobile Devices - ' Thin Is In'

Thin Is In?

Jere Roche, network service team leader for Clark Memorial Hospital in Jeffersonville, Ind., saw security concerns increase in 2004 as the hospital added new regional facilities and launched an effort to provide doctors and nurses with mobile computing platforms.

Roche had seen how the use of thin clients or PC blades can improve security, and wanted to extend that environment to mobile computers used by doctors and other staff. Data and applications are stored in a centrally managed data center and deployed remotely to the "dumb" computing terminals, which have little or no internal memory or hard drives.

Tablet computers from Motion Computing fit the health-care professional's work style, but they were configured much like a standard laptop with a hard disk that could potentially be lost or stolen. ClearCube's mobile terminals, while providing centrally stored data security, at the time were lacking in terms of usability features compared to the Motion Computing systems, he says.

With Roche's encouragement, ClearCube and Motion entered into a collaboration and within two months provided a demonstration of Motion Computing tablets running on ClearCube PC blades and software. The tablets are used by staff and for public terminals in the main hospital and three branches. All data is secured on the blades in the data center. The tablets can remotely access applications for writing prescriptions and viewing patient records using ClearCube.

The hospital has 60 mobile thin clients, running applications for about 120 users, and Roche expects to expand that ratio by creating additional user platforms with virtualization in the near future. "We just can't have someone walk off with hospital data," Roche says. "In many ways we've seen a 100% improvement in security because the computers have no data, or even the capability of storing data."

Taking a thin-client approach with ClearCube, or with other vendors such as Citrix, or using remote access application software from a company like Microsoft, can reduce or eliminate exposure of data by keeping it secured centrally and not on the mobile devices.

But most businesses are unable or unwilling to remove control of data and applications from computers in the hands of end users or have deployment requirements that can't be addressed with fully centralized control of all data. They must rely on policy and additional security technology—including encryption.

"Encryption can cover a multitude of sins," says Paul Stamp, an analyst with Forrester Research. "Whether that is data that you encrypt to use again yourself, data you need to encrypt to someone else for use at a later time, or data you need to encrypt to send out across the Web, they can all present a different business problem, and it can be difficult or impossible to find a 'one size fits all' solution."