As a journalist at iTnews:
“Blessed are the forgetful: for they shall have done with their stupidities too,” German philosopher Friedrich Nietzsche once wrote.
The 19th Century philosophy seems to have struck a chord with modern day manufacturers, who tout mobile devices with remote memory erasure capabilities or that store no user data at all.
Securing mobile data has become an increasingly prevalent issue for businesses in recent times, as notebooks and smartphones gain ubiquity in the corporate world.
Employees who access corporate data remotely and out of office hours may threaten the security of sensitive information in cases of accidental loss or theft of their mobile devices.
IT contractor EDS recently was reported to have lost a portable hard drive containing data on as many as 1.7 million prospective U.K. armed forces recruits.
The incident follows the U.K. Ministry of Defence’s recent admissions to the loss of three hard drives containing details of more than 50,000 members of the Royal Air Force, and the loss of loss of 658 laptops and 121 USB data drives since 2004.
Other storage devices such as CDs and flash memory cards also have resulted in data leakage in the past.
Sensitive MI6 photos found their way to the public last month via a camera that was sold on eBay. Meanwhile, in March, HSBC lost a CD containing names, life insurance cover levels and dates of birth of 370000 of its customers, prompting industry criticisms of ‘basic stupidity’.
Microsoft has partnered with Nokia, Apple and Sony Ericsson to safeguard sensitive information through technology that wipes clean the memory of missing smartphones.
Dubbed Microsoft System Centre Mobile Device Manager 2008, the technology is a function of Windows Mobile 6.1, and allows system administrators to deliver a ‘kill command’ to a lost or stolen mobile device via Microsoft Exchange.
The kill command is executed as soon as the missing device is connected to a cellular or Internet-enabled network, after which a confirmation notice is delivered to the administrator.
Users also are able to encrypt external memory cards, such as SD cards, so that they can only be read by the smartphone. Because the encryption key is stored on the smartphone, an executed kill command would render data on encrypted memory cards inaccessible.
Personal data that is not backed up will be lost forever with the execution of a kill command. However, as most corporate data is stored on the Exchange server, it can easily be restored on a replacement device.
Rick Anderson, who is Microsoft’s Enterprise Mobile Solution Specialist, said that the technology is focussed on reducing the chance of corporate data being compromised by reducing the window of opportunity.
He noted that Windows Mobile 6 has attained the Common Criteria EAL2+ Assurance Level after assessment by the Defence Signals Directorate (DSD), and has been accepted for use in the Australian Government's official communications and information systems.
“You certainly have your mobile phone everywhere, so you have to be conscious of the fact that you can lose it, by leaving it on the train for example,” he said.
“Blackberry and us [Microsoft] would probably be the ones to look at in terms of corporate mobile solutions,” he told iTnews.
Meanwhile, Hewlett-Packard (HP) has added to its notebook range the HP Compaq 6720t, which features an embedded, write-protected operating system.
The 6720t is a mobile thin client which, like conventional desk-based thin clients, is designed to provide access to virtual computing solutions, such as blade PCs or virtual desktop infrastructure.
It is a solid-state system with flash memory and no moving parts. No data is stored on the device, so sensitive data is not compromised in case of loss of theft.
“From a thin client point of view, it’s [corporate data] all secured in a data centre,” said Fiona Wright, who is HP Australia’s Market Development Manager for Thin Clients.
“For example, if an agent is on the road and left the device somewhere, their sensitive information would not be lost or compromised,” she told iTnews.
The 6720t was released in July 2008 as the commercial world’s first thin client that has been built for mobility.
However, the fact that it relies on server-based data and applications may somewhat limit users’ movements.
IDC research manager of IT spending, Jean-Marc Annonier, expects a broadband connection to be the minimum requirement for the remote use of thin clients.
“Thin clients are not really good for mobility,” he said. “What you need is a live network connection for the thin client to connect to the server.”
“You can’t do this on a train, definitely, even if you have a 3G connection,” he told iTnews.
“The problem is latency,” he said. “With 3G, you may have one second of latency, [during which time] you can’t see what you’re doing.”
But for businesses whose employees work predominantly from the office, home, or a client’s broadband-enabled premises, mobile thin clients could deliver not only security, but economic benefits as well.
A recent report by IDC found thin clients to reduce hardware and software costs by 87 percent, IT costs by 61 percent, and worker downtime by 49 percent when compared with traditional PCs.
Through reducing the need for hardware upgrades and enabling software updates to be rolled-out centrally on the server, thin clients were found to produce a 466 percent return on investment for businesses that were studied.
Large organisations are expected to reap the greatest return on investments for thin client deployments. Annonier expects organisations with between 500 to 1000 workers, using between 300 and 700 devices, to have most to gain.
IDC estimates that one quarter of Australian organisations already have deployed thin clients, and deployments are roughly evenly split between production or pilot phases.
13 percent of organisations are found to be evaluating the technology, while six percent claimed to have no plans to deploy thin clients. The remaining 56 percent of organisations surveyed were either unable to respond, or unaware of the technology.
“Computer virtualisation, although not a new concept, has come of age,” Annonier wrote in the report.
“The days of the traditional PC and the distributed computing model as we know them are numbered and the trend towards centralised computing is already becoming increasingly evident,” he wrote.
According to HP’s Wright, customer feedback for the 6720t has been positive so far.
She expects mobile thin clients to appeal especially to mobile workers who deal with sensitive information, such as those in the health and finance industries.
“Being a new product, there’s a lot of conversation and a lot of hype,” she told iTnews. “From my point of view, it [the technology’s suitability] really does depend on what the IT manager wants to use the thin client for.”
“I do hear from customers that security is on their minds, and I do believe that mobile thin clients will offer what they are after,” she said.