Chances are your employees use smartphones and tablets in some capacity throughout their workday. What does it cost you as their employer?

According to a study by Ponemon Institute, more than you think. The study found that more than one in three mobile devices used in a business capacity contained sensitive data. Companies know:

  • They’ve probably experienced a loss or theft of sensitive data due to employees’ careless use of their mobile device
  • They have difficulty detecting and stopping employees from using insecure devices
  • They have inadequate security and control features in place
  • The popularity of cloud-based applications makes it easier than ever to put sensitive data on a mobile device, which puts the data at risk

Mobile device encryption offers an easy solution to protect against data breach. Encryption is a reversible process that scrambles data into ciphertext, blocking it from view from anyone that doesn’t have the conversion key. If the correct key is used – a password, for instance – the data is unlocked and available to the viewer.

There are two types of encryption available: hardware and software.

Hardware encryption varies by operating system, and device make and model. With Apple iOS, for example, encryption comes preprogrammed as a part of the device. The file system is written to flash memory. The device scrambles all content when the device is locked and remains encrypted until the correct passcode is entered. The device relocks itself after a predetermined amount of inactivity.

Androids are a little different. Though Android OS supports hardware encryption, most devices are incapable of using it. It will come stock without hardware encryption in place. If you desire to enable Android hardware encryption, it is necessary to lock the Android to trigger the encryption keys.

Because there isn’t a standard for hardware encryption between systems, many turn to software encryption. With software encryption, an individual program uses a third party function to encrypt and decrypt selected data. It allows you to choose only the programs you choose to have encrypted. It can also allow you to protect sensitive data in a way that most benefits your company. If multiple employees have access to a tablet device, for instance, having individual PINs and passwords to encrypt and unscramble files based on needs and requirements can ensure employees only have access to what is truly necessary.

So, is one type of encryption better than others? As with any security system, nothing is infallible.

As a company, you operate with different levels of security in place. You may have locks to enter the building, security personnel to control access to certain levels. You may have passcards or keypads limiting access to certain rooms. Hardware and software encryption can be thought of in the same manner. Hardware encryption locks the front door; it provides the first level of protection to prevent people from entering. Once in, software encryption kicks in, limiting access to sensitive files based on an as-needed basis.

Your mobile security plan should be based on understanding how your users will use technology, giving them the right controls as needed. Every device should be considered on a device and case basis, choosing the right level of protection necessary for keeping your data safe and secure.