BlackBerrys and other portable computing devices are often recognised as a serious threat to the social life - and sometimes even the marriages - of their owners. Businesses that dole them out to executives are now realising that these devices are also a serious threat to the security of their most precious information. The threat comes from the fact that mobile devices can contain sensitive information, yet are often taken well beyond the walls of the office and into situations where they could fall into the wrong hands.
A chief executive's BlackBerry, for example, could contain emails that should only be seen by the board. A business laptop can contain almost any sort of data, much of it sensitive. If either device is left in a taxi - cabbies report that mobile devices now rival umbrellas in terms of the items they scoop up at the end of the day - the problems start with the cost of replacing the device and dealing with the inconvenience of being deprived of it.
Far more serious is what can happen if the lost device contains sensitive data that could provoke a "please explain" from the guardians of continuous disclosure laws if the data becomes public.
Worse still, mobile computing devices are a gateway into your organisation. A BlackBerry can make it possible for its user to send mail as if they are your CEO. Laptops often include the settings needed to access a business's networks. Those settings are extremely valuable to hackers, as they make it possible to log on to your networks as if they were one of your staff, a distinct advantage for those seeking to create mayhem.
Thankfully, the information technology world has realised it is prudent to harden mobile devices against these threats. One of their responses is encryption which is now a mainstream tool, thanks to Microsoft's inclusion of it in Windows Vista. Windows mobile also allows encryption of the data stored on memory cards inserted into smartphones and personal digital assistants.
Encryption is a mature and robust technology. Modern tools will defeat all but the most determined and well-resourced attempts at decryption. Many users, however, remain uncomfortable with the idea that lost or stolen devices are in any way vulnerable.
The IT industry's fix for this situation is called "remote deletion". Simply put, remote deletion allows users to send an instruction to their mobile device that wipes the data it contains. The physical device remains intact but the data it contains is obliterated as effectively as possible. Remote deletion relies on a mobile device reconnecting to a network. Mobile phones, for example, will need to have their "native" SIM card installed so that remote deletion tools can identify the handset to be wiped. If that SIM is in place, remote deletion is as easy as sending an SMS. A remote-deletion-aware mobile device will interpret the SMS as an instruction to wipe its data.
Remote deletion for laptops operates in a similar way, with software operating invisibly in the background informing remote deletion management software every time a laptop connects to a network. If you report the laptop as lost, the remote deletion software kicks into action.
Remote deletion is not yet a standard feature of mobile technology. Smartphone maker i-Mate has built it into its most recent devices under the name Secure i-Q. Hewlett Packard offers the service as an optional extra called Computrace. Several independent software vendors also offer the software.
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.