Home > Information Security Magazine > Hot Pick & Product Reviews > Mobile Device Security
EMAIL THIS
Information Security Magazine

  CURRENT ISSUE  
  FEATURES  
  COLUMNS  
  HOT PICK & PRODUCT REVIEWS  
  ARCHIVES  
  SUBSCRIBE/RENEW  
  

Mobile Device Security
Issue: Jul 2006
printer-friendly

MOBILE DEVICE SECURITY


Mobile Guardian Enterprise Edition 5.1
CREDANT Technologies
Price: Starts at $46.37 per client for 1-249 clients

[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE] [IMAGE] CREDANT Technologies' Mobile Guardian [IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE]
CREDANT Technologies' Mobile Guardian gives peace of mind to security managers who lose sleep over sensitive information on laptops and PDAs.
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE]
[IMAGE]

Given the mobile nature of today's workforce, protecting confidential data on portable devices has become a red-hot area of concern for security managers. CREDANT Technologies' Mobile Guardian (CMG) meets this challenge with strong, policy-driven encryption.

CMG supports strong encryption--TripleDES, Blowfish, and 128- and 256-bit AES--on Windows hosts and popular PDAs like Palm, Symbian and BlackBerry.

Flexible encryption policies are a CMG strong suit, allowing managers to define robust business rules governing what gets encrypted on the Java-based management server and published to an agent on the managed nodes. The administrator can specify that specific folders be encrypted, including "My Documents," the Inter-net Explorer cache directory and removable media. A nice feature is its capability to mandate encryption for all content created by specified applications.

T...



he Java-based management server connects to any enterprise level LDAP environment and maps user accounts to the appropriate encryption policy, in addition to allowing the delegation of CMG management rights to appropriate personnel. CMG has a built-in key recovery facility, and stores configuration and policy information in a MySQL or MS SQL Server database.

If a device is lost or stolen, there are administrator-configurable autodestruct capabilities built into the client that could, for example, automatically delete all of the data on a device if the user fails authentication within a given period. On the other hand, authorized admins can access encrypted data in the event of a failed password check through self-service authentication questions and/or one-time decryption keys.

Although functional, both the installation and management programs need work. The administration and configuration functions are spread among several different GUI applets, and we had to find and execute them. It would be far more user-friendly to have all such functionality available within a single console.

[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE] [IMAGE] Exec Summary [IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] Strong encryption
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] Flexible policy controls
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] Loss/theft protection
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] Fragmented admin GUI
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] Weak reporting

[IMAGE]

We were not able to initially connect to our Win-dows 2003 SP1 Active Directory infrastructure for the mandated LDAP synchronization, though a quick call to tech support showed us how. There is no reason why this functionality couldn't be thoroughly integrated into the main console. Additionally, the client agent installations need to be streamlined and integrated directly into the management console. Although CMG's solution--providing MSIs for the client software installation--is serviceable, other products in this market allow a direct agent push from management.

Given the stringent requirements of regulatory compliance and corporate governance, we were somewhat surprised not to see richer reporting capabilities. Logging and reporting is pretty basic, consisting largely of recording various successful/failed communications and administrative activity, such as agent contact and policy downloads. While this is adequate for debugging, we'd expect to see detailed records of user activity.

If you're concerned about sensitive data leaking beyond your organization, it's worth considering CMG, particularly if you have a large number of PDAs in your environment. We hope to see an improved management interface and more robust reporting in future releases, but it does an excellent job performing its main mission of providing strong, policy-based encryption for por-table devices.

[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
More information from SearchSecurity.com

According to a study, laptops are most commonly stolen from corporate offices.

Learn how to lock down mobile devices in this on-demand webcast with networking expert Lisa Phifer.
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE]
[IMAGE]

--PETER GIANNACOPOULOS





TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts