SlideShare une entreprise Scribd logo

Mobility, Security and the Enterprise

Icomm Technologies
Icomm Technologies

Mobility, Security and the Enterprise: 10 Best Practices for Controlling Smartphone and Tablet Access to Corporate Networks

Business
1  sur  25
Télécharger pour lire hors ligne
Mobility, Security and the Enterprise: 10 Best Practices for Controlling Smartphone and Tablet Access to Corporate Networks Consumer Technology in Corporate IT
Table of Contents The Consumerization of IT 1 A Moving Target 2 Risk/Reward: A Complex Equation 3 Smartphones are Outside of IT Control 4 Data Leakage and Loss 5 Malware Threats 6 Bandwidth Overconsumption 7 Making Smarter Mobile Access Decisions 8 Establishing a Best-practice Defense 9 Best Practice #1: Establish SSL VPN Access to Corporate Resources 10 Best Practice #2: Establish Reverse Web Proxy 11 Best Practice #3: Require a Lost or Stolen Phone or Tablet be 12 Reported Immediately Best Practice #4: Comprehensively Scan All Mobile Device Traffic 13 Best Practice #5: Control Data-in-flight 14 Best Practice #6: Maximize Firewall Throughput to Eliminate Latency 15 Best Practice #7: Establish Controls Over Mobile Device Application Traffic 16 Best Practice #8: Establish Mobile Device Wireless Access Security 17 Best Practice #9: Manage Mobile Device Traffic Bandwidth 18 Best Practice #10: Visualize Bandwidth Activity 19 Deploy SonicWALL Solutions for Smartphone and Tablet Security 20 SonicWALL Mobilty Solution 21 Conclusions 22
The Consumerization of IT Many technologies that enterprises adopt for their information systems often have roots in consumer applications.1 More employees are extending their workday and increasing office efficiency by leveraging the same technology they use to enhance their personal lives— in particular, smartphone and tablet devices. The power of users now rules the day. Many corporate end users do not allow IT to dictate which smartphone or tablet platform they can use. A growing number will use whatever application, device or technology they want, regardless of corporate IT policies.2 IT has effectively lost its ability to completely mandate the choice of smartphone or tablet access in a corporate setting. 1
A Moving Target Face the facts: there will be many rapid changes in smartphone/tablet platforms beyond the control of corporate IT. Administrators must deal with multiple operating system platforms, including iOS, Google® Android, Nokia® Symbian and Microsoft® Windows Mobile and Windows Phone 7. Juggling support for multiple smartphone platforms can burden IT. IT administrators must have an agnostic approach to support multiple smartphone/ tablet platforms for its users, as well as provide contingencies for access continuity. For example, BlackBerry users in certain countries faced threatened service outages that could have required them to switch to a different platform. 2
Risk/Reward: A Complex Equation Perhaps the biggest threat is from users themselves, who are increasingly utilizing their mobile devices with scant regard for IT policies (e.g., playing games or checking personal Gmail while connected to corporate networks). Increasingly, mobile device usage is placing great pressure on corporate network resources, too, especially when users consume high-bandwidth content such as video. According to a study by IDC, people downloaded 10.9 billion mobile apps in 2010 (a figure IDC expects will increase to nearly 76.9 billion by 2014), many a potential threat to corporate security. The combination of these factors presents IT departments with a serious dilemma. On one hand, smartphones and tablets are simply too powerful and useful for businesses to ignore, empowering users in completely new ways and enabling them to work far more flexibly and productively. Security must be seen to be enabling the business, rather than holding it back from the rewards many of these new devices offer. 3
Smartphones are Outside of IT Control Smartphones operate in two worlds: they can connect to the corporate network over wireless, or bypass the network entirely using mobile cellular connections. That means they might download malware from the web over 3G/4G, and then disseminate it over the corporate WiFi network. Web over 4G Corporate WiFi Transferring data in and out of the corporate network, smartphones and tablets are beyond IT control It is harder for IT to control what users do with their smartphone devices, and how these devices expose business data to security threats. Even if IT-issued, any endpoint device that can bypass security measures is insecure. 4
Data Leakage and Loss Smartphones and tablets may also retain sensitive or proprietary data while connected to the corporate wireless network, and then leak it over unsecured cellular to the web—and IT has no recourse. Whether unintentionally, maliciously or driven by profit, employees are leaking a growing amount of data over smartphones/tablets. Users more frequently lose smartphones than computers. Smartphone content is more vulnerable to loss or theft, as network access codes, usernames and passwords are often unsecured or set for automatic log-on. Consumers who “jailbreak” phones to customize carriers or features often leave themselves open to root password hacks. 5
Malware Threats As their numbers increase, smartphones and tablets become a more lucrative target for criminal attacks. The same threats that plague traditional computer operating systems can affect smartphones and tablets, disseminated in emails, social media sites, games, screen savers, instant messages, slide shows, or in some cases by shady URL-shortening services that make bogus, redirecting links more difficult to identify. Smartphones and tablets can magnify malware distribution by spam, phishing, pharming and pretexting. Because smartphones and tablets are a more intimate communications channel than a computer, users are more likely to interact with files masquerading as personal communications. Likewise, users cannot as easily detect cues that a website is a false front on a handset with a small screen. Again, the infection may not be apparent even after perpetration, and can propagate via smartphone across corporate IP networks. 6
Bandwidth Overconsumption The sheer volume of interactive Web 2.0 and streaming media traffic over smartphones and tablets can affect corporate wireless network throughput. Some of these applications, such as streaming video, constantly evolve to avoid control. In addition, like any web-facing endpoint device running applications over the network, smartphones present a potential channel for forced denial-of-service attacks. ACT O CONT E N PHON 7
Making Smarter Mobile Access Decisions Choosing and/or encouraging a mobile device platform that is safe, easy to configure and manage, and that is flexible enough to meet the needs of employees and senior executives sounds easy on paper. In practice, however, it is one of the biggest challenges ahead for IT managers. To be certain that devices are safe, IT departments must design security policies that are invariably a complex blend of technology and policy. Android Microsoft Windows Phone iPhone/iPad Most analysts agree that enterprises should be able to enforce several basic security features on any mobile device, including mandatory passwords, over-the-air device wiping capabilities and data encryption. In practice, the choice of the platform itself will determine the effectiveness of the overall policy. 8
Establishing a Best-practice Defense The consumerization of IT as well as best practices demand that IT enforce sound smartphone and tablet policy with proven technology. IT should define, document and communicate smartphone and tablet use policy, and combine that policy with the deployment of corresponding enforcement solutions. Examples of documented IT policies include requiring users to set strong passwords on their smartphones and tablets (valuable in cases of a lost device, etc.) and report lost or stolen mobile devices to IT immediately. Examples of enforcement solutions include security technologies that can recognize when solicited connections are originating from mobile devices and provide differentiated access policies based on type of device and user authentication. The following critical best practices include approaches for both policy and technology. 9
Best Practice #1: Establish SSL VPN Access to Corporate Resources IC B PRACT 6 T ES PRACT IC E 1 T ES E B Agent-based Secure Sockets Layer Virtual Private Networking (SSL VPN) tunnels add easy “in-office” network-level access to critical client-server resources from laptops, smartphones and tablets, thereby minimizing demand on IT support. Administrators should select SSL VPN gateway solutions that have certified smartphone/tablet clients from the same vendors. This provides a single point of management and similar user experience for both laptops and smartphones, rather than trying to cobble together and support one solution for laptops and a different solution for smartphones and tablets. 10 T ES PRACT IC T ES PRACT IC
Best Practice #2: Establish Reverse Web Proxy B B B B T ES IC PRACT IC E B T ES IC E B 6 7 E PRACT IC E T ES PRACT IC E T ES PRACT E 1 2 T ES By providing standard web browser access to web resources, reverse PRACT proxies can authenticate and encrypt web-based access to network IC ST E resources. Reverse proxy adds the benefit of delivering access agnostically to laptop, smartphone and tablet platforms, thus making it easier to deploy and manage mobility solutions and minimizing administrative overhead. Both SSL VPN and reverse web proxy should integrate seamlessly with standard authentication methods such as two-factor authentication or one-time passwords. PRACT 11
Best Practice #3: T ES B PRACT PRACT IC IC IC E B T ES PRACT E Smartphones and tablets can get lost, stolen or compromised. Device identification technology uses serial number information to allow organizations to chain a specific mobile device to a specific user. This effectively provides a watermark for the device, thus enabling IT to block access to corporate resources. Also, smartphone and tablet OS vendors typically offer a “remote wipe” feature for when the devices are lost or stolen. T ES E B Require a Lost or Stolen Phone or Tablet be Reported Immediately 1 2 3 4 12
B E Best Practice #4: IC B PRACT 7 8 9 T ES PRACT IC E 2 3 4 T ES Comprehensively Scan All Mobile Device Traffic B B B B B IC E B PRACT IC E T ES IC PRACT E PRACT T ES IC E T ES PRACT E T ES E Smartphones and tablets can act as conduits to enable malware to cross the network perimeter, even over WiFi or 3G/4G connections. RACT PRACT T P IC IC ST Sdeployment with a Next-Generation Firewall (NGFW) Integrated E E establishes a Clean VPN™ that decrypts then scans all the content. NGFW gateway security measures (Anti-Virus/Anti-Spyware, Intrusion Prevention Service) decontaminate threats before they enter the network. 13
IC B PRACT 8 9 T ES PRACT IC E 3 4 5 T ES E Control Data-in-flight B Best Practice #5: T ES PRACT IC B B B 10 E B IC E PRACT E T ES E Data leakage protection can scan outbound traffic for watermarked content, even if that traffic is encrypted. At the same time, IT should R A malware, and prevent internally launched PRACT scan all data-in-flight Pfor C T I C IC ST ST E E outbound botnet attacks that can damage corporate reputation and get business-critical email servers blacklisted. Full-featured Next-Generation Firewalls can provide those protections. 14
Best Practice #6: Maximize Firewall Throughput to Eliminate Latency When smartphones and tablets are connected to the corporate network, in order to minimize impact upon latency-sensitive applications such as video conferencing and voice over IP (VoIP), the Next-Generation Firewall platform must be able to comprehensively optimize business-relevant mobile device traffic in real time. IT can obtain such performance capability in solutions that integrate deep packet inspection methods with a high-speed multi-core processor architecture. B B B PRACT PRACT IC IC E T ES IC E B PRACT 6 T ES IC E T ES PRACT E 1 T ES 15
Best Practice #7: Establish Controls Over Mobile Device Application Traffic 6 7 B B PRACT IC IC E E T ES IC PRACT E T ES B T ES IC E PRACT E PRACT IC E 1 2 PRACT As primarily a web-enabled device, smartphones and tablets can access applications such as social media and streaming video. PRACT IC IT should establish control over these applications, just like with other devices when connected directly to the corporate network. Application intelligence and control technology can extend firewall functionality to identify, categorize, control and report upon application usage over the corporate network from these devices. 16
Best Practice #8: B B B PRACT PRACT IC IC IC E E T ES IC PRACT E E B E PRACT T ES IC Analysts expect ninety percent of smartphones to have WiFi functionality by 20147. Security for wireless networks has to be at least on par with wired networks running deep packet inspection. IT should apply both WPA2 and deep packet inspection to traffic connected to the corporate network over WiFi. To be as secure as wired networks, WLANs also need other security features such as deep packet PR CT inspection, to scrub traffic using an array of intrusionAprevention, IC ST E anti-virus and anti-spyware technology. T ES T ES B PRACT B T ES 6 7 8 9 E 1 2 3 4 Establish Mobile Device Wireless Access Security 17
Best Practice #9: 2 3 4 PRACT 7 8 9 PRACT B E B IC T ES E IC Manage Mobile Device Traffic Bandwidth T ES B B B B B B IC PRACT IC ST E E PRACT E PRACT IC ST T ES E IC E E PRACT E T ES E Organizations need to control converged voice-and-data communications enabled by smartphones directly connected to the corporate network. At the same time, they need to optimize P ACT PR C IC IC qualityAofT service and bandwidthRmanagement, as well as prioritize ST ST E E traffic on a per-application and per-user basis. Application-intelligent bandwidth management can dedicate both throughput to latencysensitive smartphone and tablet applications (e.g., VoIP), as well as limit bandwidth-consuming traffic. 18
Best Practice #10: IC 8 9 T ES PRACT IC B E Visualize Bandwidth Activity E 3 4 5 RACT PRACT IC E E T ES B 10 B IC E RACT E To control the proper use of mobile networks, administrators need tools to provide them with the ability to view traffic and adjust R A C T network policy based R A C critical observations. This enables P on T IC IC ST E administrators to ensure bandwidth for mobile device traffic, while adjusting policy to restrict or block bandwidth-consuming traffic based upon a real-time view of bandwidth utilization, application and user traffic, and other user activity. 19
Deploy SonicWALL Solutions for Smartphone and Tablet Security SonicWALL® Aventail® E-Class Secure Remote Access (SRA) delivers full-featured, easy-to-manage, clientless or thin-client “in-office” connectivity for up to 20,000 concurrent mobile-enterprise users from a single appliance. E-Class SRA enhances productivity and business continuity with policy-enforced remote access to network resources from Windows®, Windows Mobile, Apple® Mac OS®, iOS, Linux®, and Google Android® devices. Built on the powerful SonicWALL Aventail SSL VPN platform, E-Class SRA connects only authorized users to only authorized resources. When combined with SonicWALL Next-Generation Firewall as a Clean VPN™, that decrypts and removes threats from traffic tunneled over SSL VPN before they enter the network. 20
SonicWALL Mobilty Solution SonicWALL is the only provider that solves the challenges of access, security and control with one integrated SonicWALL Clean VPN™ solution that combines Clean VPN and application intelligence and control. When SonicWALL Secure Remote Access solutions are deployed with a SonicWALL Next-Generation Firewall, SonicWALL Clean VPN scans tunneled traffic to block malware from exploiting mobile devices as a conduit into the network. SonicWALL Application Intelligence and Control can allow increased bandwidth for critical iOS and Android applications, while limiting bandwidth for unimportant or unacceptable traffic. n n n SonicWALL Clean VPN™ delivers the critical dual protection of SSL VPN and highperformance Next-Generation Firewall necessary to secure both VPN access and traffic. The multi-layered protection of Clean VPN enables organizations to decrypt and scan for malware on all authorized SSL VPN traffic before it enters the network environment. SonicWALL Clean Wireless delivers secure, simple and cost-effective distributed wireless networking by integrating universal 802.11a/b/g/n wireless features with an enterprise-class firewall/VPN gateway. SonicWALL Application Intelligence and Control can maintain granular control over applications, prioritize or throttle bandwidth, and manage website access. Its comprehensive policy capabilities include restricting transfer of specific files and documents, blocking email attachments using user-configurable criteria, customizing application control, and denying internal and external web access based on various user-configurable options. 21
Conclusions Personal smartphone and tablet use in corporate environments has reached its tipping point. More than ever end users are increasingly demanding access to network resources from their personal consumer mobile devices. While riding this tide does offer potential business benefits, it comes with inherent risks. Personal smartphones and tablets pose a risk— SonicWALL has the solution SonicWALL solutions, including Secure Remote Access, Next-Generation Firewall, Clean VPN, and Application Intelligence and Control, can help organizations easily implement best practices to secure smartphone and tablet use in corporate network environments. 22
How Can I Learn More? n Download the whitepaper “Controlling Laptop and Smartphone Access to Corporate Networks” n Opt-in to receive SonicWALL Newsletters For feedback on this e-book or other SonicWALL e-books or whitepapers, please send an e-mail to feedback@sonicwall.com. About SonicWALL Guided by its vision of Dynamic Security for the Global Network, SonicWALL® develops advanced intelligent network security and data protection solutions that adapt as organizations evolve and as threats evolve. Trusted by small and large enterprises worldwide, SonicWALL solutions are designed to detect and control applications and protect networks from intrusions and malware attacks through award-winning hardware, software and virtual appliance-based solutions. For more information, visit the company web site at www.sonicwall.com. “Gartner Says Consumerization Will Be Most Significant Trend Affecting IT During Next 10 Years,” Gartner Inc., October 20, 2005 “Millennial Workforce: IT Risk or Benefit?,” Symantec, March 2008 3 “The Mobile Internet Report Setup,” Morgan Stanley, December 2009 4 “The State of Workforce Technology Adoption: US Benchmark 2009,” Forrester Research, Inc., November 11, 2009 5 Gartner: Mobile To Outpace Desktop Web By 2013,” Media Post Communications, January 13, 2010 6 “Worldwide Smartphone Sales Forecast to 2015,” Coda Research Consultancy, May 2010 7 “Survey: Wi-Fi becoming smartphone must-have,” CNET News, April 1, 2009 1 2 SonicWALL’s line-up of dynamic security solutions NETWORK SECURITY SECURE REMOTE ACCESS WEB AND E-MAIL SECURITY BACKUP AND RECOVERY POLICY AND MANAGEMENT SonicWALL, Inc. 2001 Logic Drive, San Jose, CA 95124 T +1 408.745.9600 F +1 408.745.9300 www.sonicwall.com © 2012 SonicWALL, Inc. All rights reserved. SonicWALL® is a registered trademark of SonicWALL, Inc. and all other SonicWALL product and service names and slogans are trademarks or registered trademarks of SonicWALL, Inc. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective owners. 01/12 SW 1442

Recommandé

Azure Active Directory : on fait le point
Azure Active Directory : on fait le pointAzure Active Directory : on fait le point
Azure Active Directory : on fait le point
Maxime Rastello
 
BYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with businessBYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with business
Mike Brannon
 
The intersection of cool mobility and corporate protection
The intersection of cool mobility and corporate protectionThe intersection of cool mobility and corporate protection
The intersection of cool mobility and corporate protection
EnclaveSecurity
 
Addressing Security Challenges of Mobility and Web 2.0 2009
Addressing Security Challenges of Mobility and Web 2.0 2009Addressing Security Challenges of Mobility and Web 2.0 2009
Addressing Security Challenges of Mobility and Web 2.0 2009
Jason Edelstein
 
Mobility Security - A Business-Centric Approach
Mobility Security - A Business-Centric ApproachMobility Security - A Business-Centric Approach
Mobility Security - A Business-Centric Approach
Omar Khawaja
 
Arquitectura y Visión de Extreme Networks en el Data Center
Arquitectura y Visión de Extreme Networks en el Data CenterArquitectura y Visión de Extreme Networks en el Data Center
Arquitectura y Visión de Extreme Networks en el Data Center
Extreme Networks
 
Enterprise Mobility + Security : tour d'horizon
Enterprise Mobility + Security : tour d'horizonEnterprise Mobility + Security : tour d'horizon
Enterprise Mobility + Security : tour d'horizon
Maxime Rastello
 
Secure Mobility with Analytics for the Private Cloud
Secure Mobility with Analytics for the Private CloudSecure Mobility with Analytics for the Private Cloud
Secure Mobility with Analytics for the Private Cloud
Extreme Networks
 

Recommandé

Azure Active Directory : on fait le point
Azure Active Directory : on fait le pointAzure Active Directory : on fait le point
Azure Active Directory : on fait le point
Maxime Rastello
 
BYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with businessBYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with business
Mike Brannon
 
The intersection of cool mobility and corporate protection
The intersection of cool mobility and corporate protectionThe intersection of cool mobility and corporate protection
The intersection of cool mobility and corporate protection
EnclaveSecurity
 
Addressing Security Challenges of Mobility and Web 2.0 2009
Addressing Security Challenges of Mobility and Web 2.0 2009Addressing Security Challenges of Mobility and Web 2.0 2009
Addressing Security Challenges of Mobility and Web 2.0 2009
Jason Edelstein
 
Mobility Security - A Business-Centric Approach
Mobility Security - A Business-Centric ApproachMobility Security - A Business-Centric Approach
Mobility Security - A Business-Centric Approach
Omar Khawaja
 
Arquitectura y Visión de Extreme Networks en el Data Center
Arquitectura y Visión de Extreme Networks en el Data CenterArquitectura y Visión de Extreme Networks en el Data Center
Arquitectura y Visión de Extreme Networks en el Data Center
Extreme Networks
 
Enterprise Mobility + Security : tour d'horizon
Enterprise Mobility + Security : tour d'horizonEnterprise Mobility + Security : tour d'horizon
Enterprise Mobility + Security : tour d'horizon
Maxime Rastello
 
Secure Mobility with Analytics for the Private Cloud
Secure Mobility with Analytics for the Private CloudSecure Mobility with Analytics for the Private Cloud
Secure Mobility with Analytics for the Private Cloud
Extreme Networks
 
CIS14: Building Blocks for Mobile Authentication and Security
CIS14: Building Blocks for Mobile Authentication and SecurityCIS14: Building Blocks for Mobile Authentication and Security
CIS14: Building Blocks for Mobile Authentication and Security
CloudIDSummit
 
Telus Analyst Briefing mobile security and managed mobility sept 2012 v6 gc ss
Telus Analyst Briefing mobile security and managed mobility sept 2012 v6 gc ssTelus Analyst Briefing mobile security and managed mobility sept 2012 v6 gc ss
Telus Analyst Briefing mobile security and managed mobility sept 2012 v6 gc ss
Graham Chalk
 
Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview
Chris Genazzio
 
Security and Privacy in the current e-mobility charging infrastructure
Security and Privacy in the current e-mobility charging infrastructureSecurity and Privacy in the current e-mobility charging infrastructure
Security and Privacy in the current e-mobility charging infrastructure
Achim Friedland
 
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...
Andris Soroka
 
IT Guide for Mobility: Making the case for Security leaders
IT Guide for Mobility: Making the case for Security leadersIT Guide for Mobility: Making the case for Security leaders
IT Guide for Mobility: Making the case for Security leaders
Cisco Mobility
 
Mobility switch security architecture scott calzia madani adjali
Mobility switch security architecture scott calzia madani adjaliMobility switch security architecture scott calzia madani adjali
Mobility switch security architecture scott calzia madani adjali
Aruba, a Hewlett Packard Enterprise company
 
The truth behind cyber attacks
The truth behind cyber attacks The truth behind cyber attacks
The truth behind cyber attacks
Icomm Technologies
 
10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture
10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture
10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture
Icomm Technologies
 
Anatomy of a cyber-attack
Anatomy of a cyber-attackAnatomy of a cyber-attack
Anatomy of a cyber-attack
Icomm Technologies
 
Disaster Recovery
Disaster RecoveryDisaster Recovery
Disaster Recovery
Icomm Technologies
 
Disaster Recovery
Disaster RecoveryDisaster Recovery
Disaster Recovery
Icomm Technologies
 
The sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceThe sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work force
Icomm Technologies
 
Mobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveMobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to Solve
Icomm Technologies
 
The only authentication platform you’ll ever need.
The only authentication platform you’ll ever need.The only authentication platform you’ll ever need.
The only authentication platform you’ll ever need.
Icomm Technologies
 
Swivel Secure and Office 365
Swivel Secure and Office 365Swivel Secure and Office 365
Swivel Secure and Office 365
Icomm Technologies
 
Swivel Secure, ADFS and Office 365
Swivel Secure, ADFS and Office 365Swivel Secure, ADFS and Office 365
Swivel Secure, ADFS and Office 365
Icomm Technologies
 
Securing the Cloud
Securing the CloudSecuring the Cloud
Securing the Cloud
Icomm Technologies
 
Top 10 Trends in Telecommuting
Top 10 Trends in TelecommutingTop 10 Trends in Telecommuting
Top 10 Trends in Telecommuting
Icomm Technologies
 
Controlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksControlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate Networks
Icomm Technologies
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012
Icomm Technologies
 
Tackling consumerization of it
Tackling consumerization of it Tackling consumerization of it
Tackling consumerization of it
Icomm Technologies
 

Contenu connexe

En vedette

Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview
Chris Genazzio
 
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...
Andris Soroka
 

En vedette (7)

CIS14: Building Blocks for Mobile Authentication and Security
CIS14: Building Blocks for Mobile Authentication and SecurityCIS14: Building Blocks for Mobile Authentication and Security
CIS14: Building Blocks for Mobile Authentication and Security
 
Telus Analyst Briefing mobile security and managed mobility sept 2012 v6 gc ss
Telus Analyst Briefing mobile security and managed mobility sept 2012 v6 gc ssTelus Analyst Briefing mobile security and managed mobility sept 2012 v6 gc ss
Telus Analyst Briefing mobile security and managed mobility sept 2012 v6 gc ss
 
Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview
 
Security and Privacy in the current e-mobility charging infrastructure
Security and Privacy in the current e-mobility charging infrastructureSecurity and Privacy in the current e-mobility charging infrastructure
Security and Privacy in the current e-mobility charging infrastructure
 
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...
 
IT Guide for Mobility: Making the case for Security leaders
IT Guide for Mobility: Making the case for Security leadersIT Guide for Mobility: Making the case for Security leaders
IT Guide for Mobility: Making the case for Security leaders
 
Mobility switch security architecture scott calzia madani adjali
Mobility switch security architecture scott calzia madani adjaliMobility switch security architecture scott calzia madani adjali
Mobility switch security architecture scott calzia madani adjali
 

Plus de Icomm Technologies

Anatomy of a cyber-attack
Anatomy of a cyber-attackAnatomy of a cyber-attack
Anatomy of a cyber-attack
Icomm Technologies
 
Icomm agentless-architecture
Icomm agentless-architectureIcomm agentless-architecture
Icomm agentless-architecture
Icomm Technologies
 

Plus de Icomm Technologies (20)

The truth behind cyber attacks
The truth behind cyber attacks The truth behind cyber attacks
The truth behind cyber attacks
 
10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture
10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture
10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture
 
Anatomy of a cyber-attack
Anatomy of a cyber-attackAnatomy of a cyber-attack
Anatomy of a cyber-attack
 
Disaster Recovery
Disaster RecoveryDisaster Recovery
Disaster Recovery
 
Disaster Recovery
Disaster RecoveryDisaster Recovery
Disaster Recovery
 
The sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceThe sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work force
 
Mobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveMobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to Solve
 
The only authentication platform you’ll ever need.
The only authentication platform you’ll ever need.The only authentication platform you’ll ever need.
The only authentication platform you’ll ever need.
 
Swivel Secure and Office 365
Swivel Secure and Office 365Swivel Secure and Office 365
Swivel Secure and Office 365
 
Swivel Secure, ADFS and Office 365
Swivel Secure, ADFS and Office 365Swivel Secure, ADFS and Office 365
Swivel Secure, ADFS and Office 365
 
Securing the Cloud
Securing the CloudSecuring the Cloud
Securing the Cloud
 
Top 10 Trends in Telecommuting
Top 10 Trends in TelecommutingTop 10 Trends in Telecommuting
Top 10 Trends in Telecommuting
 
Controlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksControlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate Networks
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012
 
Tackling consumerization of it
Tackling consumerization of it Tackling consumerization of it
Tackling consumerization of it
 
Office 365-technical-overview-deck
Office 365-technical-overview-deckOffice 365-technical-overview-deck
Office 365-technical-overview-deck
 
Icomm virtualisation-support-white-paper
Icomm virtualisation-support-white-paperIcomm virtualisation-support-white-paper
Icomm virtualisation-support-white-paper
 
Icomm cloud-backup-overview
Icomm cloud-backup-overviewIcomm cloud-backup-overview
Icomm cloud-backup-overview
 
Icomm agentless-architecture
Icomm agentless-architectureIcomm agentless-architecture
Icomm agentless-architecture
 
Efficiently protect-virtual-machines
Efficiently protect-virtual-machinesEfficiently protect-virtual-machines
Efficiently protect-virtual-machines
 

Dernier

Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
lizamodels9
 
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
lizamodels9
 
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
amitlee9823
 
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
lizamodels9
 
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
amitlee9823
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
rajveerescorts2022
 
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Anamikakaur10
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
uneakwhite
 
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
dlhescort
 
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLJAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
kapoorjyoti4444
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Sheetaleventcompany
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
amitlee9823
 
(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7
(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7
(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
amitlee9823
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
Abortion pills in Kuwait Cytotec pills in Kuwait
 

Dernier (20)

Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
 
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
 
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
 
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
 
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
 
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
 
Cheap Rate Call Girls In Noida Sector 62 Metro 959961乂3876
Cheap Rate Call Girls In Noida Sector 62 Metro 959961乂3876Cheap Rate Call Girls In Noida Sector 62 Metro 959961乂3876
Cheap Rate Call Girls In Noida Sector 62 Metro 959961乂3876
 
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLJAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
 
(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7
(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7
(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7
 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
PHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation FinalPHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation Final
 

Mobility, Security and the Enterprise

  • 1. Mobility, Security and the Enterprise: 10 Best Practices for Controlling Smartphone and Tablet Access to Corporate Networks Consumer Technology in Corporate IT
  • 2. Table of Contents The Consumerization of IT 1 A Moving Target 2 Risk/Reward: A Complex Equation 3 Smartphones are Outside of IT Control 4 Data Leakage and Loss 5 Malware Threats 6 Bandwidth Overconsumption 7 Making Smarter Mobile Access Decisions 8 Establishing a Best-practice Defense 9 Best Practice #1: Establish SSL VPN Access to Corporate Resources 10 Best Practice #2: Establish Reverse Web Proxy 11 Best Practice #3: Require a Lost or Stolen Phone or Tablet be 12 Reported Immediately Best Practice #4: Comprehensively Scan All Mobile Device Traffic 13 Best Practice #5: Control Data-in-flight 14 Best Practice #6: Maximize Firewall Throughput to Eliminate Latency 15 Best Practice #7: Establish Controls Over Mobile Device Application Traffic 16 Best Practice #8: Establish Mobile Device Wireless Access Security 17 Best Practice #9: Manage Mobile Device Traffic Bandwidth 18 Best Practice #10: Visualize Bandwidth Activity 19 Deploy SonicWALL Solutions for Smartphone and Tablet Security 20 SonicWALL Mobilty Solution 21 Conclusions 22
  • 3. The Consumerization of IT Many technologies that enterprises adopt for their information systems often have roots in consumer applications.1 More employees are extending their workday and increasing office efficiency by leveraging the same technology they use to enhance their personal lives— in particular, smartphone and tablet devices. The power of users now rules the day. Many corporate end users do not allow IT to dictate which smartphone or tablet platform they can use. A growing number will use whatever application, device or technology they want, regardless of corporate IT policies.2 IT has effectively lost its ability to completely mandate the choice of smartphone or tablet access in a corporate setting. 1
  • 4. A Moving Target Face the facts: there will be many rapid changes in smartphone/tablet platforms beyond the control of corporate IT. Administrators must deal with multiple operating system platforms, including iOS, Google® Android, Nokia® Symbian and Microsoft® Windows Mobile and Windows Phone 7. Juggling support for multiple smartphone platforms can burden IT. IT administrators must have an agnostic approach to support multiple smartphone/ tablet platforms for its users, as well as provide contingencies for access continuity. For example, BlackBerry users in certain countries faced threatened service outages that could have required them to switch to a different platform. 2
  • 5. Risk/Reward: A Complex Equation Perhaps the biggest threat is from users themselves, who are increasingly utilizing their mobile devices with scant regard for IT policies (e.g., playing games or checking personal Gmail while connected to corporate networks). Increasingly, mobile device usage is placing great pressure on corporate network resources, too, especially when users consume high-bandwidth content such as video. According to a study by IDC, people downloaded 10.9 billion mobile apps in 2010 (a figure IDC expects will increase to nearly 76.9 billion by 2014), many a potential threat to corporate security. The combination of these factors presents IT departments with a serious dilemma. On one hand, smartphones and tablets are simply too powerful and useful for businesses to ignore, empowering users in completely new ways and enabling them to work far more flexibly and productively. Security must be seen to be enabling the business, rather than holding it back from the rewards many of these new devices offer. 3
  • 6. Smartphones are Outside of IT Control Smartphones operate in two worlds: they can connect to the corporate network over wireless, or bypass the network entirely using mobile cellular connections. That means they might download malware from the web over 3G/4G, and then disseminate it over the corporate WiFi network. Web over 4G Corporate WiFi Transferring data in and out of the corporate network, smartphones and tablets are beyond IT control It is harder for IT to control what users do with their smartphone devices, and how these devices expose business data to security threats. Even if IT-issued, any endpoint device that can bypass security measures is insecure. 4
  • 7. Data Leakage and Loss Smartphones and tablets may also retain sensitive or proprietary data while connected to the corporate wireless network, and then leak it over unsecured cellular to the web—and IT has no recourse. Whether unintentionally, maliciously or driven by profit, employees are leaking a growing amount of data over smartphones/tablets. Users more frequently lose smartphones than computers. Smartphone content is more vulnerable to loss or theft, as network access codes, usernames and passwords are often unsecured or set for automatic log-on. Consumers who “jailbreak” phones to customize carriers or features often leave themselves open to root password hacks. 5
  • 8. Malware Threats As their numbers increase, smartphones and tablets become a more lucrative target for criminal attacks. The same threats that plague traditional computer operating systems can affect smartphones and tablets, disseminated in emails, social media sites, games, screen savers, instant messages, slide shows, or in some cases by shady URL-shortening services that make bogus, redirecting links more difficult to identify. Smartphones and tablets can magnify malware distribution by spam, phishing, pharming and pretexting. Because smartphones and tablets are a more intimate communications channel than a computer, users are more likely to interact with files masquerading as personal communications. Likewise, users cannot as easily detect cues that a website is a false front on a handset with a small screen. Again, the infection may not be apparent even after perpetration, and can propagate via smartphone across corporate IP networks. 6
  • 9. Bandwidth Overconsumption The sheer volume of interactive Web 2.0 and streaming media traffic over smartphones and tablets can affect corporate wireless network throughput. Some of these applications, such as streaming video, constantly evolve to avoid control. In addition, like any web-facing endpoint device running applications over the network, smartphones present a potential channel for forced denial-of-service attacks. ACT O CONT E N PHON 7
  • 10. Making Smarter Mobile Access Decisions Choosing and/or encouraging a mobile device platform that is safe, easy to configure and manage, and that is flexible enough to meet the needs of employees and senior executives sounds easy on paper. In practice, however, it is one of the biggest challenges ahead for IT managers. To be certain that devices are safe, IT departments must design security policies that are invariably a complex blend of technology and policy. Android Microsoft Windows Phone iPhone/iPad Most analysts agree that enterprises should be able to enforce several basic security features on any mobile device, including mandatory passwords, over-the-air device wiping capabilities and data encryption. In practice, the choice of the platform itself will determine the effectiveness of the overall policy. 8
  • 11. Establishing a Best-practice Defense The consumerization of IT as well as best practices demand that IT enforce sound smartphone and tablet policy with proven technology. IT should define, document and communicate smartphone and tablet use policy, and combine that policy with the deployment of corresponding enforcement solutions. Examples of documented IT policies include requiring users to set strong passwords on their smartphones and tablets (valuable in cases of a lost device, etc.) and report lost or stolen mobile devices to IT immediately. Examples of enforcement solutions include security technologies that can recognize when solicited connections are originating from mobile devices and provide differentiated access policies based on type of device and user authentication. The following critical best practices include approaches for both policy and technology. 9
  • 12. Best Practice #1: Establish SSL VPN Access to Corporate Resources IC B PRACT 6 T ES PRACT IC E 1 T ES E B Agent-based Secure Sockets Layer Virtual Private Networking (SSL VPN) tunnels add easy “in-office” network-level access to critical client-server resources from laptops, smartphones and tablets, thereby minimizing demand on IT support. Administrators should select SSL VPN gateway solutions that have certified smartphone/tablet clients from the same vendors. This provides a single point of management and similar user experience for both laptops and smartphones, rather than trying to cobble together and support one solution for laptops and a different solution for smartphones and tablets. 10 T ES PRACT IC T ES PRACT IC
  • 13. Best Practice #2: Establish Reverse Web Proxy B B B B T ES IC PRACT IC E B T ES IC E B 6 7 E PRACT IC E T ES PRACT IC E T ES PRACT E 1 2 T ES By providing standard web browser access to web resources, reverse PRACT proxies can authenticate and encrypt web-based access to network IC ST E resources. Reverse proxy adds the benefit of delivering access agnostically to laptop, smartphone and tablet platforms, thus making it easier to deploy and manage mobility solutions and minimizing administrative overhead. Both SSL VPN and reverse web proxy should integrate seamlessly with standard authentication methods such as two-factor authentication or one-time passwords. PRACT 11
  • 14. Best Practice #3: T ES B PRACT PRACT IC IC IC E B T ES PRACT E Smartphones and tablets can get lost, stolen or compromised. Device identification technology uses serial number information to allow organizations to chain a specific mobile device to a specific user. This effectively provides a watermark for the device, thus enabling IT to block access to corporate resources. Also, smartphone and tablet OS vendors typically offer a “remote wipe” feature for when the devices are lost or stolen. T ES E B Require a Lost or Stolen Phone or Tablet be Reported Immediately 1 2 3 4 12
  • 15. B E Best Practice #4: IC B PRACT 7 8 9 T ES PRACT IC E 2 3 4 T ES Comprehensively Scan All Mobile Device Traffic B B B B B IC E B PRACT IC E T ES IC PRACT E PRACT T ES IC E T ES PRACT E T ES E Smartphones and tablets can act as conduits to enable malware to cross the network perimeter, even over WiFi or 3G/4G connections. RACT PRACT T P IC IC ST Sdeployment with a Next-Generation Firewall (NGFW) Integrated E E establishes a Clean VPN™ that decrypts then scans all the content. NGFW gateway security measures (Anti-Virus/Anti-Spyware, Intrusion Prevention Service) decontaminate threats before they enter the network. 13
  • 16. IC B PRACT 8 9 T ES PRACT IC E 3 4 5 T ES E Control Data-in-flight B Best Practice #5: T ES PRACT IC B B B 10 E B IC E PRACT E T ES E Data leakage protection can scan outbound traffic for watermarked content, even if that traffic is encrypted. At the same time, IT should R A malware, and prevent internally launched PRACT scan all data-in-flight Pfor C T I C IC ST ST E E outbound botnet attacks that can damage corporate reputation and get business-critical email servers blacklisted. Full-featured Next-Generation Firewalls can provide those protections. 14
  • 17. Best Practice #6: Maximize Firewall Throughput to Eliminate Latency When smartphones and tablets are connected to the corporate network, in order to minimize impact upon latency-sensitive applications such as video conferencing and voice over IP (VoIP), the Next-Generation Firewall platform must be able to comprehensively optimize business-relevant mobile device traffic in real time. IT can obtain such performance capability in solutions that integrate deep packet inspection methods with a high-speed multi-core processor architecture. B B B PRACT PRACT IC IC E T ES IC E B PRACT 6 T ES IC E T ES PRACT E 1 T ES 15
  • 18. Best Practice #7: Establish Controls Over Mobile Device Application Traffic 6 7 B B PRACT IC IC E E T ES IC PRACT E T ES B T ES IC E PRACT E PRACT IC E 1 2 PRACT As primarily a web-enabled device, smartphones and tablets can access applications such as social media and streaming video. PRACT IC IT should establish control over these applications, just like with other devices when connected directly to the corporate network. Application intelligence and control technology can extend firewall functionality to identify, categorize, control and report upon application usage over the corporate network from these devices. 16
  • 19. Best Practice #8: B B B PRACT PRACT IC IC IC E E T ES IC PRACT E E B E PRACT T ES IC Analysts expect ninety percent of smartphones to have WiFi functionality by 20147. Security for wireless networks has to be at least on par with wired networks running deep packet inspection. IT should apply both WPA2 and deep packet inspection to traffic connected to the corporate network over WiFi. To be as secure as wired networks, WLANs also need other security features such as deep packet PR CT inspection, to scrub traffic using an array of intrusionAprevention, IC ST E anti-virus and anti-spyware technology. T ES T ES B PRACT B T ES 6 7 8 9 E 1 2 3 4 Establish Mobile Device Wireless Access Security 17
  • 20. Best Practice #9: 2 3 4 PRACT 7 8 9 PRACT B E B IC T ES E IC Manage Mobile Device Traffic Bandwidth T ES B B B B B B IC PRACT IC ST E E PRACT E PRACT IC ST T ES E IC E E PRACT E T ES E Organizations need to control converged voice-and-data communications enabled by smartphones directly connected to the corporate network. At the same time, they need to optimize P ACT PR C IC IC qualityAofT service and bandwidthRmanagement, as well as prioritize ST ST E E traffic on a per-application and per-user basis. Application-intelligent bandwidth management can dedicate both throughput to latencysensitive smartphone and tablet applications (e.g., VoIP), as well as limit bandwidth-consuming traffic. 18
  • 21. Best Practice #10: IC 8 9 T ES PRACT IC B E Visualize Bandwidth Activity E 3 4 5 RACT PRACT IC E E T ES B 10 B IC E RACT E To control the proper use of mobile networks, administrators need tools to provide them with the ability to view traffic and adjust R A C T network policy based R A C critical observations. This enables P on T IC IC ST E administrators to ensure bandwidth for mobile device traffic, while adjusting policy to restrict or block bandwidth-consuming traffic based upon a real-time view of bandwidth utilization, application and user traffic, and other user activity. 19
  • 22. Deploy SonicWALL Solutions for Smartphone and Tablet Security SonicWALL® Aventail® E-Class Secure Remote Access (SRA) delivers full-featured, easy-to-manage, clientless or thin-client “in-office” connectivity for up to 20,000 concurrent mobile-enterprise users from a single appliance. E-Class SRA enhances productivity and business continuity with policy-enforced remote access to network resources from Windows®, Windows Mobile, Apple® Mac OS®, iOS, Linux®, and Google Android® devices. Built on the powerful SonicWALL Aventail SSL VPN platform, E-Class SRA connects only authorized users to only authorized resources. When combined with SonicWALL Next-Generation Firewall as a Clean VPN™, that decrypts and removes threats from traffic tunneled over SSL VPN before they enter the network. 20
  • 23. SonicWALL Mobilty Solution SonicWALL is the only provider that solves the challenges of access, security and control with one integrated SonicWALL Clean VPN™ solution that combines Clean VPN and application intelligence and control. When SonicWALL Secure Remote Access solutions are deployed with a SonicWALL Next-Generation Firewall, SonicWALL Clean VPN scans tunneled traffic to block malware from exploiting mobile devices as a conduit into the network. SonicWALL Application Intelligence and Control can allow increased bandwidth for critical iOS and Android applications, while limiting bandwidth for unimportant or unacceptable traffic. n n n SonicWALL Clean VPN™ delivers the critical dual protection of SSL VPN and highperformance Next-Generation Firewall necessary to secure both VPN access and traffic. The multi-layered protection of Clean VPN enables organizations to decrypt and scan for malware on all authorized SSL VPN traffic before it enters the network environment. SonicWALL Clean Wireless delivers secure, simple and cost-effective distributed wireless networking by integrating universal 802.11a/b/g/n wireless features with an enterprise-class firewall/VPN gateway. SonicWALL Application Intelligence and Control can maintain granular control over applications, prioritize or throttle bandwidth, and manage website access. Its comprehensive policy capabilities include restricting transfer of specific files and documents, blocking email attachments using user-configurable criteria, customizing application control, and denying internal and external web access based on various user-configurable options. 21
  • 24. Conclusions Personal smartphone and tablet use in corporate environments has reached its tipping point. More than ever end users are increasingly demanding access to network resources from their personal consumer mobile devices. While riding this tide does offer potential business benefits, it comes with inherent risks. Personal smartphones and tablets pose a risk— SonicWALL has the solution SonicWALL solutions, including Secure Remote Access, Next-Generation Firewall, Clean VPN, and Application Intelligence and Control, can help organizations easily implement best practices to secure smartphone and tablet use in corporate network environments. 22
  • 25. How Can I Learn More? n Download the whitepaper “Controlling Laptop and Smartphone Access to Corporate Networks” n Opt-in to receive SonicWALL Newsletters For feedback on this e-book or other SonicWALL e-books or whitepapers, please send an e-mail to feedback@sonicwall.com. About SonicWALL Guided by its vision of Dynamic Security for the Global Network, SonicWALL® develops advanced intelligent network security and data protection solutions that adapt as organizations evolve and as threats evolve. Trusted by small and large enterprises worldwide, SonicWALL solutions are designed to detect and control applications and protect networks from intrusions and malware attacks through award-winning hardware, software and virtual appliance-based solutions. For more information, visit the company web site at www.sonicwall.com. “Gartner Says Consumerization Will Be Most Significant Trend Affecting IT During Next 10 Years,” Gartner Inc., October 20, 2005 “Millennial Workforce: IT Risk or Benefit?,” Symantec, March 2008 3 “The Mobile Internet Report Setup,” Morgan Stanley, December 2009 4 “The State of Workforce Technology Adoption: US Benchmark 2009,” Forrester Research, Inc., November 11, 2009 5 Gartner: Mobile To Outpace Desktop Web By 2013,” Media Post Communications, January 13, 2010 6 “Worldwide Smartphone Sales Forecast to 2015,” Coda Research Consultancy, May 2010 7 “Survey: Wi-Fi becoming smartphone must-have,” CNET News, April 1, 2009 1 2 SonicWALL’s line-up of dynamic security solutions NETWORK SECURITY SECURE REMOTE ACCESS WEB AND E-MAIL SECURITY BACKUP AND RECOVERY POLICY AND MANAGEMENT SonicWALL, Inc. 2001 Logic Drive, San Jose, CA 95124 T +1 408.745.9600 F +1 408.745.9300 www.sonicwall.com © 2012 SonicWALL, Inc. All rights reserved. SonicWALL® is a registered trademark of SonicWALL, Inc. and all other SonicWALL product and service names and slogans are trademarks or registered trademarks of SonicWALL, Inc. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective owners. 01/12 SW 1442