As a business or technical leader, you know you need to protect your company in a rapidly evolving mobile ecosystem.However, threats are not always obvious. As malware and attacks become more sophisticated over time, business decision makers must work with technical decision makers tonavigate security threats in a mobile world.
This blog series, authored by Kathy Trahan, will explore the topic of enterprise mobility security from a situational level and provide insight into what leaders can do now to mitigate risk. To read the first post focused on securing device freedom, clickhere. -Bret Hartman, Chief Technology Officer (CTO) for Cisco's Security Technology Group
Imagine two of your executives are using a SaaS platform while working off an unsecure hotel Wi-Fi network nearby. Did you know that SaaS and B2B applications are 15 times more likely than pornography to deliver malicious content across a network?
The threats against a remote connection are unfortunately very real and using an unprotected network to access company assets (whether on-premise or in the cloud) can have serious consequences.
As the growth of mobility and cloud blur the lines of our personal and business lives, the "mobile cloud" has drawn users (consumer or employee) to its convenience. According to a recent Gallup poll, nearly 80% of workers had positive feelings for using their own computers and mobile devices to stay connected to work outside of normal business hours.
For IT, the mobile cloud offers huge management efficiencies. Recent Cisco mobility research confirms that mobility strategies are converging with cloud strategies. However, it also forces IT and business leaders to find a happy medium between encouraging corporate productivity and addressing a new wave of security concerns. From the same research, nearly half of the organizational leaders surveyed say security risks can prevent them from moving forward with mobility initiatives.
Despite these risks, It is hard to dispute that off premise access provides significant productivity gains especially as organizations see mobility as a competitive edge to embrace.
As more mobile users enter the market, (over half a billion devices were added just last year) and the number of remote workers becomes more ubiquitous, the expectation is that networks and access should be the same, regardless of location.
So, how can organizations get a handle on remote connections?
To start, organizational leaders must understand that compliance requirements trump all, regardless of the "where" of network access. To protect sensitive information, ensure business operations are carried out seamlessly and connectivity across a wide selection of devices are not compromised, remote access must be treated as a privilege and key concerns must be recognized and resolved jointly by Business Decision Makers (BDMs) and Technology Decision Makers (TDMs). Here's a closer look at these concerns and how decision makers can work together to mitigate risk.
Secure Access
BYOD has made it possible for everyone to have remote access capabilities. But, that doesn't mean that everyone can, or should, have the same access privileges.
BDMs may desire different access capabilities based on employee status and for certain industries, that thinking is understandable. For example, medical records, financial information, and sensitive client information may not be allowed via remote access from an unsecured network. This initially may be enforced by differentiated access, such as when a doctor goes the coffee shop and is not able to view patient records because he is not on hospital grounds.
While it is up to BDMs to decide who may have access, IT teams must also ensure they can adapt to a user's unique needs and be able to control access regardless of a user's location, especially in the case of a security breach. Remote secure access is the first line of defense to minimize the threat vector.
Connectivity
Global mobile data traffic grew 81 percent last year. Expectations are set high for wireless connectivity that is quick and seamless.
A user's ability to be productive and collaborative with colleagues and clients can be the difference between doing business and losing business. As businesses continue to extend their global reach, IT leaders must be able to ensure users can stay connected across borders, networks, and in and out of the office. BDMs and TDMs must partner to ensure connectivity issues do not affect business operations or put sensitive information at risk in unprotected environments.
Mobility
Message boards, chat rooms, and forums come alive when a new mobile device or application announcement hits the market. And when new devices or applications are unleashed on the market, BDMs and TDMs must consider what an influx of new devices and applications will mean for remote access capabilities and the best ways to utilize these new releases to empower their workforce.
Solutions must be reached that allow for the variety of devices that are in the market, including cell phones, tablets, and as the market grows, even wearables. Collaboration between BDMs and TDMs must take into account the positive aspects of allowing enterprise users to select their preferred mobile platforms and devices, while ensuring users can securely connect and transmit information in traditionally unprotected environments.
And as companies implement practices to secure mobile devices and embark on what we like to call the Mobile Workspace journey, they will be able to focus more on the applications that will best allow their employees to become more productive. Thinking beyond the devices and taking this "journey" is key because mobility continues to change the face of many industries -from the doctor accessing patient records on the go, to the teacher who updates grades on her tablet while waiting for her child's dance class to end. The personalization of devices and applications will only improve individual experiences.
With mobility becoming more pervasive, business leaders on both sides must be prepared to define their compliance requirements for remote connection access and select an approach that is mutually beneficial to both their security and business-growth needs and actively enforce it.
Managing mobility and crafting remote access guidelines does not have to become a daunting task. In the end, increased productivity and flexibility can be achieved and both customers and your workforce will benefit.
So, what's your plan for secure remote connection? Is it time to evaluate your compliance requirements? Ask yourself these questions as you view the interactiveNavigating Security Threats in a Mobile Worldsecurity asset.
For more about the Future of Mobility, follow@Cisco_Mobilityon Twitter and join the conversation#FutureOfMobility.
Additional resources: