Going Beyond EncryptionBy Elizabeth Millard | Posted 2008-03-21 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Sure, your Blackberry, iPhone and other gadgets can do everything but the laundry, but when it's stolen, can you get to the data before the thieves do?
"While encryption is certainly necessary, it is ineffective when the password is known or knowable," says Roberson. "We believe that businesses need protection not only against hackers but also against the many vulnerabilities introduced by its own users. With encryption alone, you're one sticky note away from disaster."
Although being able to wipe data remotely is a huge benefit, it's also a dramatic step, reserved for laptops and devices that are considered unrecoverable. Somewhat like "Mission Impossible" (without the smoke and explosion), a device will begin a self-destruction sequence once it's tagged as unrecoverable and is hooked into a network connection.
Even if a computer isn't plugged into a connection, it can still be taken down through a series of triggers that are based on preset rules created by an administrator. For example, if there a certain number of unsuccessful login attempts, it would set off the self-destruct mode and it's goodbye, data. For those who are anxious about that drastic step, the triggers can be tweaked to destroy only a certain set of files or folders.
The ability to reach out and "magically erase" confidential data is likely to be hugely appealing to enterprises of any size, says John Livingston,
"There's no question that enterprises want the ability to ensure that data is not compromised," he notes. "Once an asset has fallen out of the spectrum of control and gone into the wild, what could be better than being able to destroy that data, particularly if it's customer data?"
Data deletion capability can help bring consumer devices, such as the iPhone, more in line with enterprise needs, he adds. Absolute Software has its software in the firmware of most laptop vendors, including Lenovo, HP, and Dell, giving the company the ability to track laptops and destroy data if necessary.
"On its own, the feature doesn't have a lot of value," Livingston says. "You have to be able to reliably execute the functionality without doing it by mistake."
Device makers will have to be sure to build correct management layers into their data destruction applications, so that there isn't widespread grousing or panic caused by accidental deletion.