PROTECT: to Safeguard Data and Limit Risk.
Strong access controls, authentication and encryption must be consistently enforced across mobile end points to protect sensitive information, meet regulatory/audit requirements, and more importantly, limit your risk of a data breach should mobile data or devices be lost, stolen or attacked.
The ability to centrally enforce, manage, and audit both authentication and encryption is extremely important, as it allows the company to meet the typical compliance “Reasonable Risk” test.
The encryption method must meet a widely accepted federal standard, such as FIPS140-2, includes the control, distributing, and management of encryption keys; however, data encryption requires a balance between ease of use and security. Check that your security agent can enforce centrally-defined policies that control which encryption algorithm is used (this affects time required for encryption), as well as what is encrypted and how the encryption keys are generated, managed and escrowed. Make sure that your solution guards against unauthorized access in a multi-user operating system and that data recovery is fast and reliable.
Finally, make sure your solution does not rely on the end user to take action. It should seamlessly and automatically encrypt data regardless of where the data is saved or what the file is named.
|
|
Protect: safeguard data
and limit risk of lost,
stolen or attacked devices
by enforcing access
controls, authentication
and encryption across
mobile end points;
minimize impact to users
and IT staff by seamlessly
and automatically
encrypting data ?at rest?
to meet regulatory and
audit requirements. |
| |
 |
|
|
