Three key steps to ensuring mobile device security

With cybersecurity threats on the rise, we look at advice from a new Absolute and TOUGHBOOK whitepaper that provides the top three tips for rugged mobile device security in mission critical environments.

Written by: Rachael Pugh, Partner Marketing & Enablement at Panasonic Toughbook

Mobile devices are essential to our daily working lives, with smartphones and other handheld technologies enabling us to work seamlessly, accessing the resources and systems we need from the organisation to remain effective and productive. For emergency responders, the ability to exchange and access accurate information in real-time is even more critically important – it can be the difference between life and death. However, accessing those resources securely, wherever they reside, is also key to ensuring that sensitive data is not compromised and that organisations remain compliant as they carry out their critical work.

Unfortunately, however powerful a mobile device or rugged handheld or laptop might be, threat actors have also become increasingly sophisticated and will endeavour to find a way to breach core system integrity to disrupt services and steal data.

The good news is that today’s modern rugged mobile devices come pre-equipped with robust security features which can include hardware and software and secure network access provision, enabling users and organisations in mission critical environments to sleep easy knowing their devices are secure.

Here at Panasonic TOUGHBOOK, we have just developed a guide in conjunction with our partner, Absolute Software, a leading provider of resilient endpoint and network security software, to help those in mission-critical environments understand how they can secure their hardware to keep data both on the device and in transit safe through encryption, authentication and other means. The whitepaper delves into three key areas:

1. Ensuring your hardware is secure

Hardware security helps defend enterprise handhelds and some tablet devices against unwanted external access. The absence of a hard drive means information gets retained in memory. As a result, data tampering on these devices is practically impossible without the correct cryptographic key.

Authentication using passcodes is another way to protect these devices because a user must enter a password and, without it, the data and applications will remain encrypted. Additionally, auto-lock timeouts offer protection against unauthorised mobile data access. However, laptops and Windows tablets, with removable hard drives or solid-state drives (SSDs), represent another security challenge. Fortunately, system administrators can meet this challenge with hardware-based encryption where a chip on the drive encrypts all data, decrypting it only in response to a passcode.

Multifactor authentication (MFA) is a crucial second line of defence. Rather than just asking for a username and password, MFA requires one or more additional verification factors, which decreases the likelihood of a successful cyber-attack. This prevents unauthorised access while booting up a device and logging onto a secure network.

Smartcards are also a popular access option for most police and first responders, enabling them to access specific network endpoints or systems quickly. As well as contactless smartcards there is also an enhanced form of smartcard technology, employing the FIDO U2F standard, which can replace passwords for internet logins. So just as a conventional smartcard authenticates device users, a FIDO U2F-enabled key enables users to log into supported email, enterprise applications, and other web-based resources.

Biometric tools such as facial recognition are another form of fast, secure authentication. Furthermore, the Trusted Platform Module (TPM) standard is where specialised chips on laptops provide TPM functionality for securely storing passwords, certificates, and encryption keys as well as detecting unauthorised configuration changes made by malware and blocking access to affected applications. Here at Panasonic, we work closely with Intel on TPM chips for use in our TOUGHBOOK computers.

2. How specialist software enhances device security

Specialist software helps to secure laptops, tablets, or handhelds, on any operating system, wherever they are, from the moment they power up. Device manufacturers can add additional layers of security through their own software encryption or embedded technology. For example, Absolute Software embeds location-based protection and tracking in the firmware of mobile devices, including laptops and notebooks. Absolute’s self-healing Persistence technology is built into the firmware of Panasonic TOUGHBOOK devices at factory level and it enables enterprises to manage and track devices after assigning them to users. Not only can the technology track missing devices, but it can also activate a “kill switch” to render the device unusable and wipe sensitive data should it be irretrievably lost or stolen. And because it’s self-healing, the Absolute Agent gets reinstalled on every boot sequence, even if the device is re-imaged, the hard drive is replaced, or the firmware is updated.

Here the importance of also having a robust mobile device management (MDM) strategy in place cannot be underestimated. Likewise, a software application that helps IT teams provision, manage and decommission large numbers of mobile devices, as well as limiting access to applications, is also incredibly beneficial.

3. Keeping data safe through secure connectivity

Cisco’s Annual Internet Report, released in 2020, predicts that the number of global mobile devices will top 13 billion by 2023, up from 8.8 billion in 2018. A growing number of those devices connect to 5G mobile networks.

It is therefore important to consider how data can be kept safe through secure connectivity on both public and private 5G networks. Here a Virtual Private Network (VPN) can provide anencrypted tunnel to secure traffic between the device and the server. Additionally, Zero Trust Network Access (ZTNA) provides secure remote access to applications and data by validating every stage of a digital interaction. Absolute’s Secure Access covers both areas and as the industry's first mobile Security Service Edge (SSE) solution, it extends the same level of protection normally only associated with office or hybrid workers to mobile, deskless, and field workers.

Building a coherent mobile solution and management security strategy

The paper shows how, by contextualising security in the three business-critical areas of device security, endpoint software security and secure mobile connectivity, organisations can build a coherent mobile solution management and security strategy. It explains how this helps organisations not only build in the data security and access privileges required, but also how organisations can ensure secure connectivity.

Mobility has the power to transform public safety organisations, but at the same time it must do this without creating unacceptable levels of risk that leave data or other assets vulnerable to cybercriminals.

Download the whitepaper: "Securing mobile devices for mission critical environments”

Three key steps to ensuring mobile device security

1. Ensuring your hardware is secure

2. How specialist software enhances device security

3. Keeping data safe through secure connectivity

Building a coherent mobile solution and management security strategy

Read more insights…

Navigating Together Towards a Brighter Future: Our Commitment to Recognition2024

Is your data safe? It can be stolen without you even noticing it!

Why Endurance is Critical for Policing Mobile Technology

Axira's Resilient Journey with Panasonic TOUGHBOOK: A Testament to Innovation and Trust