An article on mobile device encryption has just been added to the Essential Series: Messaging and Web Security Volume II. Here's an excerpt:

There is no shortage of headlines about lost or stolen laptops containing confidential data. There is also no shortage of concern about preventing data loss. When it comes to protecting information on mobile devices, encryption is a fundamental component of the solution. Mobile devices, like laptops, smartphones, PDAs, and removable storage media, enable much more flexible and adaptive work arrangements than if we were forced to keep data tied to desktop devices. For many, these devices just would not be as useful if they were restricted to not storing intellectual property, confidential business data, or customer information. Yet, this is exactly the data that requires the greatest protection.

Protecting mobile devices requires a multi-pronged strategy including user awareness, clear policies about the use and storage of mobile devices, restrictions on installing or updating software, and of course data encryption. Encrypting a file is simple. Managing encryption across an enterprise’s collection of laptops, smartphones, and PDAs is not. Five topic areas should be considered when planning to implement mobile device encryption:

• Policy management
• Scope of encryption
• Authentication mechanisms
• Supported platforms
• Compliance issues