<img src="http://www.cloudtracer101.com/15158.png" style="display:none;">

Welcome to the Datrix Blog

The age of the Anywhere Worker

As the boundaries between work and leisure become blurred, the traditional 9 to 5 is starting to disappear. Flexible working patterns, location independent workers and collaboration between global work teams is becoming the norm.

Anywhere-Worker-Beach-1

To satisfy this lust for accessibility, the anywhere worker increasingly demands mobile devices to carry out their work, making security a worry for organisations.


 

Regularly we hear in the press about laptops being left on trains or in public places leading to confidential information escaping into the media or data being manipulated for criminal means.

In an age where workers are increasingly using their mobile devices to have confidential conversations and share confidential information, how do IT departments securely handle the following:

  • What happens if the device is lost?

  • Should employees’ private devices be allowed in the corporate environment (Bring Your Own Device)?

  • What measures are needed to enforce security guidelines on mobile devices (ie against malware etc)?

Today, we have a rich landscape of communication methods and technologies – this luxury brings challenges as well as benefits:

  • Apps: Generally speaking, these are not designed for the levels of security required by companies

  • Communication: Confidentiality and privacy are acutely at risk as individuals carry out work and personal discussions openly

  • Cloud: Mobile data is adding a new dimension to data protection and security

  • Social media: Everyone can speak to everyone – corporate guidelines are essential

  • Devices: More options for everyone – also for hackers and spies

  • Networks: One secure network (VPN) and many non-secure networks (WLAN, 3G/4G, UMTS possibly without VPN) – employees must use the “right” path

Better to be safe, than sorry

So, how do we overcome the problem of giving employees the flexibility they need, balanced with ensuring that the organisation is protected from attack? The answer lies in the deployment of a security mobile strategy.

Some things to consider:

  • What (if any) mobile devices should be adopted and supported within the company

  • Whether employees bringing their own devices to work is feasible and the consequences of allowing this activity

  • Accessibility for customers, partners and employees to corporate services such as self-help portals, extranets etc

  • Internal guidelines for the use of mobile devices within the workplace

  • Personal employee awareness of security

  • Easy to install VPN software

Over and above this, the use of mobile devices requires a rethink of existing security mechanisms. Switching from endpoint to access-based security solutions is absolutely essential. Endpoint security is based on the principle that a device is responsible for its own protection. Should a device actually be compromised, this means that the attacker has direct access to the company's data.

On the other hand, access-based solutions ensure that the network core is secure, and focus on ensuring that security measures are enforced as mobile devices come into contact with the network core – whether it's to initiate a conversation or to attempt to access corporate data. This ensures that attackers are unable to access central corporate resources in the event that a device is compromised, minimizing the amount of data that can be accessed and limiting the spread of potentially harmful viruses or automated attacks. Access-based security requires a combination of Identity and Access Management (IAM), and Network Access Control (NAC) solutions that are mobility- and UC-aware.

Now and the future

Mobility is good for business, but security should never be left to chance. The key to comprehensive end-to-end security lies in a combination of device, network and data security. Measures that go beyond basic data protection and include user authentication, access control and policy enforcement are absolutely indispensable.

The right technology partner can provide comprehensive support at all levels. This includes security solutions, optimization and managed system administration and recovery that guarantee comprehensive security, compliance and integrity for the entire mobile infrastructure.

To find out more about Mobile Security from Siemens Enterprise Communications please download the Mobile Security white paper below.

Download Mobile Security Whitepaper (1.2MB)

To discover more about secure BYOD solutions, contact Datrix on 0207 749 0800 or email enquiries@datrix.co.uk

 

This article was originally published on the Siemens Enterprise Communications blog.

Topics: Networking