Category

Cloud Security

Using Blockchain to Solve IoT Security – PART #1

By | Cloud Security, IoT | No Comments

In his recent thought-provoking lecture at InfoSec Europe 2018 and in his recent article, Ofer Amitai, CEO and co-founder of Portnox Security, explained that in the future blockchain technology could play a significant role in achieving increased security for IoT (Internet of Things) devices and machines due to its decentralized ledger and peer to peer communications that suit IoT machines communicating amongst themselves without human intervention. He outlined a few futuristic scenarios which he believes will become a part of our normal life routine within 5-10 years and that it will be crucial to have outstanding and solid trust-protocols to be set in place so that this future can operate seamlessly and securely. The recent lecture and article have brought up a few questions that have been posed to Mr. Amitai, and in his answers he continues to outline notions regarding our global technological future.

Q: Regarding blockchain tech being “tamper-evident” – If the goal is to use an IoT device to start a DDoS attack, criminal theft, etc., couldn’t the cyber offenders still get away with what they wanted to do?

Amitai: “I believe hackers could check which devices do not have the latest software and security updates, according to the ledger and those potentially might be a target via the identity of the device. In a situation where an IoT machine has verification of the latest update, then it is less likely to be hacked.

The blockchain will create a new data base of IoT devices: it doesn’t mean that you can locate the device, but just by looking at the ledger you can map the devices that are not updated, and hackers could potentially use that for their advantage, knowing which machines don’t have the latest security patches, updates, etc. Then again, if the IoT security programmers are using that ledger to create a trust score, then it wouldn’t help hackers because those devices would have a low trust score and ideally, they wouldn’t be able to transact with most other machines. There would be a race here between the IoT devices to become updated, and cyber offenders wishing to hack and get into the devices.

The Identity on the ledger should uniquely identify the machine, but still keep it safe and anonymous on the ledger – so you wouldn’t know how to communicate with that device just by looking at the blockchain, or be able to pin point it physically, so they have some level of anonymity. You won’t be able to use it like Shodan to hack IoT devices and machines.”

Q: In your lecture at InfoSec Europe you mentioned that within 5-10 years IoT connected devices and machines will be performing transactions on our behalf. Where else do you see this happening? In which industries? Where in the world?

Amitai: “I believe we will see it in the area of virtual assistants, so you’ll have a lot of machine to man transactions, and also machine to machine, such as ‘please book a hotel for me online’; ‘get me a taxi please’, and the taxi is an autonomous car, and so the virtual assistant communicating with the autonomous taxi would be machine to machine communications; tourism and booking trips; transportation; hospitality. Did you see the new Google virtual assistant launch? Well in the future the conversations will be between machines.

IoT household machines for example – the fridge in your home orders items from the grocery store that will deliver everything, without humans being involved. And it will be interesting to see logistically how those deliveries take place, what types of physical infrastructure will have to be in place for that to happen.

Predictive maintenance is where a machine will order components like a battery that will arrive there, in order for the machine to fix itself! In other words, machines will notice when their battery isn’t going to recharge anymore and take actions to order a new one. So machines will be able to fix themselves.

Pizza delivery – if I have a lot of connective points with IoT cars and smart city traffic lights I know how fast the pizza will arrive – the more data points I have, the more I can predict how fast the deliveries will reach any point in the city.

It is interesting to see what happens with big shipping like ZIM containers in the future. Companies are already working on autonomous ships. Typically, you have a whole crew of people manning supply ships. It’s a big operation and those ships and crews are in danger of being kidnapped… then ransom is demanded, and if ships are working autonomously, then sure, people could still try to steal them or goods from them, but then you don’t have to worry about human lives, you can hookup security cameras all over the ships, and if someone comes to steal anything you could deploy law enforcement but at least human beings wouldn’t be in harm’s way. So potentially this type of piracy would disappear from the world.

Think about parking lots. In the future, your car could drop you off at work, and then go find a parking space on its own. If the car has a good trust score it will be granted access without an issue. Then it could come back to pick you up at the end of your work day.

In the end we want to have automation of processes and have less interaction as humans with machines, especially in supply chain and manufacturing, where there are areas of friction with humans. The less people are involved – the smoother it will be.”

We will continue our exciting conversation with Ofer Amitai in part 2, in which Ofer will discuss examples of machine to machine communications that are already in use today; policy setting and the need to be prepared for the new security risks of tomorrow.

Employees Working All Over The World? Learn How to Protect Your Network from the Cloud

By | Cloud Security, Our Technology | No Comments

Every enterprise has a different pain point when it comes to security, whether it employs a large remote workforce or the company operates at a global scale. According to a survey by Gallup, 37% of U.S. workers have worked from home, which is up from 9% in 1995. This trend in an agile employee base allows companies to be competitive with one another when hiring talent, but it is leaving back doors and heightened risks to your network. With the right technology, companies can control access to its networks in any region and from any device.

Here are two use cases where NAC as-a-Service helps organizations control its network security. You can read more in the NAC-as-a-Service eBook.

Enterprises with Remote Workforces

As companies adopt work from home policies, it is raising security concerns for IT departments. Remote workers and co-working spaces aren’t just for startup entrepreneurs anymore. In fact, Fortune 500 companies like GM, GE, IBM and Microsoft all rent office spaces from WeWork. According to Gallup, the average U.S. employee works remotely at least two days a month. 9% of those polled work from a remote location for at least ten days a month, whether that is from their home office or a more public location.

Remote employees often connect to wireless networks that are also being accessed by other individuals whether the employee is at a coffee shop or traveling using their hotel’s guest Wi-Fi. Many companies require remote employees to authenticate their devices via a virtual private network, but enforcing VPN policies can be difficult. Using these connections may leave back doors open for hackers into the enterprise’s network.

With NAC-as-a-Service, IT departments gain visibility into their network endpoints from the cloud, giving network administrators the contextual knowledge to be confident their data and networks are secure. With strong authentication credentials, NAC as-a-Service prevents unauthorized access.

Global Companies Looking to Minimize Risk

With the growth of BYOD, IoT and companies scaling their business globally, the need to control network endpoints and streamline security practices for the network is higher than ever.  Managing global networks with multiple regional offices can be daunting. With global corporations like GE, IBM, and Microsoft encouraging co-working spaces more IT departments are sitting down to minimize the potential risks to their network. If a vulnerable device is attempting to join the network at a regional office or a shared office space like WeWork, it may put the entire global network at risk. Many traditional NAC solutions are on-premise and some regional offices may have differences in their security policies. Streamlining these policies are crucial, and with a cloud NAC solution there is no requirement for any hardware or complex installation, and can, therefore, be streamlined across a global network from the cloud.

Whether you are managing regional offices or your IT department is authenticating your work at home employees, with NAC-as-a-Service small businesses and large enterprises can monitor their risks and secure entire networks with ease. Portnox CLEAR works to put IT department’s minds at ease with NAC via the cloud whether your company works at a global scale or you are retaining a large remote workforce.

Interested in reading more about the next generation of NAC? Read our NAC-as-a-Service eBook.

mobile NAC

What is NAC-as-a-Service and Why Do You Need It?

By | Cloud Security | No Comments

Network access control (NAC) solutions have been around since the early 2000s, serving the important purpose of authenticating and authorizing access to the corporate network. NAC solutions are historically reliable when it comes to authenticating and authorizing access based on device credentials, but with the onset of digital transformation, including, Bring-Your-Own-Device (BYOD), the Internet of Things (IoT), and a growing mobile workforce, mobile NAC solutions need to adapt to the modern enterprise landscape.

Our new eBook introduces NAC-as-a-Service, offering traditional NAC capabilities including authentication, authorization, and endpoint security assessments from the cloud as-a-Service.

What’s new about NAC-as-a-Service?

  • Pricing: Traditional NAC solutions run on port-based pricing and one-time fees, but NAC as-a-Service serves as subscription-based models
  • Location: On-premise NAC offerings typically control only on-site devices, whereas NAC as-a-Service monitors and control all devices on a network regardless of location
  • Easy 802.1x – A NAC as-a-Service solution allows for simple deployment of 802.1x authentication, without compromising on security across the enterprise and allowing admins to embrace the trustworthy method of authenticating devices on the corporate network
  • Automated control: Instead of manually tracking managed endpoints, NAC as-a-Service offers automated controls based on a device’s risk level
  • Customized Policies: System admins can set up access policies, restricting devices based on qualifications, for example, setting geographical control over where the corporate network can be accessed from or restricting access from a certain operating system

Why your organization needs NAC-as-a-Service?

If you’re looking to adopt digital transformation trends while keeping your network secure, NAC as-a-Service is right for you. IT professionals often want to encourage their employees to use technology and reap the financial benefits that result but are concerned about the digital risks they can expose the organization to. When adopting digital transformation trends like BYOD, IoT and the mobile workforce, visibility and access controls are more important than ever. NAC as-a-Service offers network administrations visibility into all endpoints without the use of an agent, and automatically limits or restricts access if an endpoint appears to put the network at risk. With a cloud service, network access control is easier than ever.

Portnox CLEAR is a cloud -based solution that simplifies the management of emerging cyber risks in the organization, offering all the benefits of a SaaS solution paired with robust access control and network visibility capabilities.

Find out more about how NAC-as-a-Service solution addresses today’s security needs in our  NAC-as-a-Service eBook.

Portnox Wins Two Cybersecurity Excellence Awards

By | Cloud Security, Network Access Management, Network Security, Our Technology | No Comments

We’re excited to share that Portnox won the Cyber Security Excellence Award in two categories, including:

  • Silver Winner for Most Innovative Cybersecurity Company: Portnox
  • Bronze Winner for Cloud Security category: Portnox CLEAR

“Congratulations to Portnox for being recognized as a winner in the Most Innovative Cybersecurity Company and Cloud Security categories of the 2018 Cybersecurity Excellence Awards,” said Holger Schulze, CEO of Cybersecurity Insiders and founder of the 400,000-member Information Security Community on LinkedIn that organizes the awards program. “With over 400 entries in more than 70 categories, the 2018 awards are highly competitive and all winners truly reflect the very best in today’s cybersecurity industry.”

The 2018 Cybersecurity Excellence Awards are an annual program that recognizes products, companies and individuals that exhibit innovation, excellence and noteworthy leadership in the information security space, based on the strength of their nomination and the popular vote from members of the Information Security Community.  You can find Portnox listed among the winners here.

Read more about Portnox CLEAR, Cloud NAC solution or simply Try it Now!

2018 Top Cybersecurity Events Not to Be Missed!

By | Cloud Security, IoT, Network Access Management, Network Security, Our Technology, Threat Detection and Response | No Comments

You want to stay ahead of the game? The following list of cybersecurity events will help … and they are fun too!

Whether you are a security professional, software developer, security administrator, or any other role in the IT security fields, attending a conference is a great way to network with other professionals and learn about the hottest market trends, new developments, improvements, innovation and information.

Plenty of great cybersecurity conferences are coming up in the months ahead and the Portnox team will attend several of these. We’ve identified these top cybersecurity events that should be on your list. Check them out and update your calendar!

Cybertech Israel

January 29- 31, 2018
Tel Aviv, Israel

The event is positioned as a global meeting place, featuring representatives from organizations of all sizes, from multinational corporations to emerging startups. There will be a special pavilion for startups, as well as a competition in which entrepreneurs will present their ideas to a panel of international judges. Topics under discussion during the conference include the Internet of Things (IoT), big data and Finsec New in 2018 is a sister conference and exhibition, AutoTech, focusing on the future of smart mobility and the automotive.

Oracle CloudWorld

February 16, 2018
New York City, USA

Oracle Cloud World brings together forward-looking professionals responsible for finance, operations, supply chain, human resource, sales, marketing, customer service and IT. Learn how leading companies are leveraging the cloud for competitive advantage. Experience what works, what doesn’t, and identify solutions and approaches to accelerate your innovation.

Gartner Identity & Access Management Summit

March 5- 6, 2018
London, UK

The Gartner Identity and Access Management (IAM) Summit will focus on some of the hottest topics for the coming year, including the role of identity management in securing cloud and mobile apps, the IoT and the importance of privileged access management. For those preparing for the General Data Protection Regulation (GDPR), there is also a focus on the role of IAM as it applies to the privacy regulation.

Infosec World 2018

March 19 -21, 2018
Florida, USA

InfoSec World 2018 Conference & Expo is bringing together CISOs, CIOs, CTOs and other security practitioners who will share hands-on and practical advice on a wide range of security topics. From understanding your adversary to learning about the 0-day exploit market to bridging the gap between the technical and business aspects of security, InfoSec World 2018 will offer a chance for security professionals to learn something new and analyze ideas with peers.

Cloud Security Expo

March 21 -22, 2018
London, UK

Cloud Security Expo is the fastest growing section of the Cloud Expo Europe event series attracting a record-breaking 19,926 Enterprise IT & Security Buyers and Specialists in March this year! Cloud Expo Europe Keynote Theatre hosts foremost international technology leaders, including internationally acclaimed and top-rated visionaries, senior industry speakers and executives driving a global transformative shift towards cloud computing and other disruptive technologies. Speakers will deliver their outlook on the future, plus leading CIOs and senior IT professionals will be sharing their roadmaps to digital transformation, where cloud lives in the heart of the engine room. Cloud Security Expo provides the tools, training & techniques to ensure companies are compliant and secure as they transition their business assets to the cloud.

To register for the event, click here.

RSA
April 16-20, 2018
San Francisco, CA, USA

The largest cybersecurity event in the world today. The RSA Conference USA 2018 is dedicated to information security topics including data breaches, Cyber threats, compliance, social engineering, cloud security, risk management, application security, mobile security, governance, data security, legislation and policy, law, cryptography and identity management. It brings together information security professionals from across the globe working in industries such as Computer Software Development Finance, Banking, Healthcare, Government, Pharmaceuticals, and Manufacturing. Hear from world-class speakers on topics such as “The Most Dangerous New Attack Techniques, and What’s Coming Next”.

Interop ITX
April 30 – May 4, 2018
Las Vegas, NV, USA

Interop ITX combines a trusted Conference program with a vendor-neutral Business Hall and lots of networking events. The event is entering its 32nd year serving the IT community and it is an opportunity to learn about technologies and solutionsץ You may not realize how much the show has evolved during that time, growing from a plugfest ensuring network interoperability to an industry-oriented trade show to its current model: a week-long event centered around its conference program, including educational sessions, long-form tutorials, mainstage keynotes, sponsored content and a business hall showcasing technology.

Our CEO is Speaking! Sign up for his hands-on IoT workshop here.

Gartner Security & Risk Management Summit
June 4- 7, 2018
National Harbor, MD, USA

The Gartner Security & Risk Management Summit 2018 will focus on practices and strategies that will provide cost-effective security and risk programs in order to support digital business and drive the success of your business or organization.

Among the exhibiting companies are IBM, Thales, Cylance, Varonis, Symantec, HP enterprise, Verizon, Sentinel, AT&T.

InfoSec Europe
June 5-7, 2018
London, UK

Infosecurity Europe (Infosec) is the region’s number one information security event featuring Europe’s largest and most comprehensive conference programme and over 400 exhibitors showcasing the most relevant information security solutions and products to over 19,500 information security professionals. Each year this conference features many sessions on NAC. Watch this space!

BlackHat USA
August 4 – 9, 2018
Las Vegas, NV, USA

Black Hat is the most technical and relevant global information security event series in the world. For more than 18 years, Black Hat has provided attendees with the very latest in information security research, development, and trends in a strictly vendor-neutral environment. These high-profile global events and training are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors.

Contact us to schedule private product demos (Portnox CORE for on-Premise NAC and Portnox CLEAR for cloud-based NAC) at one of these shows. We look forward to seeing you there and beginning a conversation with you around network security!

 

nac security

How NAC Achieves CIS’s Top Security Controls

By | Cloud Security, Network Access Management | No Comments

The value proposition of network access control (NAC) solutions has shifted in recent years due to the onset of wireless networks, coupled with technological advancements in mobile and Internet of Things devices. Together with growing demands for the implementation compliance standards across a number of industries, companies are now required to openly communicate information about their security controls to external auditing authorities.

NAC is well positioned to provide an answer to these concerns by directly addressing the Center for Internet Security’s Top 5 Security Controls, which are a prioritized set of actions to protect organizations and data from cyber threats. NAC security solutions address: collecting the inventory of authorized/unauthorized devices and software (including applications); ensuring secure configurations of hardware and software; carrying out continuous vulnerability assessments and remediation measures; and allowing for the controlled use of administrative privileges through role-based access.

Find what the best NAC solutions addresses these security controls in our infographic and “The Importance of a NAC Solution” White Paper!

Portnox’s Predictions for Cybersecurity Trends in 2018

By | Cloud Security, IoT, Network Access Management, Network Security, Our Technology, Threat Detection and Response | No Comments

2017 was a very busy year for Portnox, yet throughout we aimed to address cybersecurity trends through our product offerings – Portnox CORE and Portnox CLEAR. With the highest number of ransomware attacks on record in 2017, we introduced a Rapid Ransomware Response and Control feature to our on-premise NAC solution, Portnox CORE, as well as the ability to see and control Internet of Things (IoT) devices through the IoT Visibility Radar. Portnox CLEAR, our cloud solution for network access control and risk management, was introduced to the market, and with its features for ensuring business continuity and securing the mobile workforce. The ability of our products to adequately address 2017 received commendation in the form of various industry awards and recognitions from leading publications and security experts.
Looking forward to 2018, the security landscape will shift and focus more heavily on IoT security, blockchain trends, automation and workforce mobility.

Here are some of our insights on what the 2018 cybersecurity landscape will look like:

  1. Extension of Automation: Together with AI and machine intelligence trends, automation will likely take center stage in 2018 as the leading security trend. Microsoft recently announced that it will begin automated anti-virus updates through its Windows Defender, which means that users and organizations will no longer have a choice when it comes to patching endpoints and software. This is good news, because it ensures that more actors have adequate security postures, and it makes sense for modular devices (like IoT) that present difficulties when it comes to firmware upgrades. Yet automation also creates challenges, namely for industries dependent on older versions of software, firmware and operating systems, such as healthcare and finance. Automated security updates could put the business continuity of these organizations at risk, and with potentially life-threatening and economically risky consequences. In addition, automated security updates across the board could actually make it easier for hackers to carry out large-scale attacks that will affect a larger number of endpoints.
  2. Blockchain and the Hacking of Applications: While many believe that the blockchain is “unhackable”, in the last year we have seen an increase in the number of attacks against blockchain-based applications. The vulnerabilities do not arise from the blockchain itself, but rather the applications that run on the blockchain. Social engineering will be used to extract private keys. Another possible blockchain hack, which has already been proven possible, is through other blockchain technologies such as Ethereum, which is an organization that’s committed to being open source for third-party applications. This creates a vulnerability because almost all applications have bugs can be manipulated by hackers as an attack surface.
  3. DDoS Ransomware: Creating a new and more pungent form of blackmail, DDoS and ransomware are joining forces to topple enterprise progress in digital transformation, while reaping monetary benefits. These attacks are made possible by using botnets, or large groups of “zombie” devices – which often happen to be Internet of Things devices, such as webcams – to funnel traffic to a malware-infected web address that, in turn, extract data from the accessing endpoint and demand ransoms for the return of that encrypted data. These attacks are often called “sinkhole” attacks because the DDoS traffic is being directed to sites that contain dangerous malware. With the wide adoption of Internet of Things devices in the enterprise, and the rise in ransomware demands, it’s likely that we’ll be seeing more of these attacks in the next year.
  4. Growing Regulation of IoT Security: Regulations governing IoT security features are beginning to be drafted, but there is still not enough demand from the consumer side to warrant manufacturer investment in security features. This begs a major question in 2018 of whether governments, in similar fashion to the US and EU, will begin issuing security regulations on IoT device manufacturers that protect consumers and companies from digital risk. Together with GDPR and other compliance regulations, we are likely to see more governments and industry authorities stepping up to enforce privacy, safety and security regulations on IoT manufacturers.
  5. Mobility of the Workforce: With more employees working remotely, organizations are enjoying a significant drop in their capital expenditures (many have even given up on the physical office space), while directing operational expenditures at digital transformation trends such as cloud and BYOD. Workforce mobility is a good thing for companies’ balance sheets, but the technological flexibility it affords results in more areas of cybersecurity vulnerability for the enterprise network. Companies that are set on accommodating mobile workforce trends will be investing in more endpoint, network and cloud security solutions that protect access and assets across a variety of locations and in various connected environments.

At Portnox, we will continue innovating our access control offerings to provide solutions to 2018 security trends and challenges, providing our customers with valuable, holistic solutions to protect their networks.
Here’s to a great 2018!

Easy 802.1X

By | Cloud Security | No Comments

The IEEE standard for port-based authentication, 802.1X, has been around since the early 2000’s, but in recent years has been met with frustration from network administrations and architectural experts. While 802.1X is well suited to the needs of the wired, desktop-dependent enterprise, with the shift to wireless networks, together with an upsurge of BYOD and Internet of Things (IoT) devices, deployment of 802.1X has become more of headache than a help.

Much of the criticism for 802.1X centers around the difficulty of deployment, namely that certain hardware infrastructure, such as RADIUS authentication and user repository servers, are required. In addition, with an increase of mobile devices in the enterprise, 802.1X is not able to provide enough contextual information on devices to allow for effective security controls. Finally, the difficulty of deployment involves the allocation of agents, which must be carefully managed on endpoints and could become a nuisance for employees if they are constantly required to enter their access credentials.

So Why Reconsider 802.1X?

Despite these technical difficulties, 802.1X has proven to be the strongest method for authenticating devices on the corporate network due to its continuous and direct communication with authenticating servers as opposed to pre/post scanners or the use of logs. The benefits for centralized management and enhanced security should not be deserted based on the sheer complexity of 802.1X deployments.

802.1X Delivered as a Cloud Service

Now, there is another way. With the growth of cloud computing technologies, Portnox CLEAR offers a solution that allows for simple deployment of 802.1X authentication , without compromising on security across the enterprise. By deploying RADIUS and user repository servers from the cloud, and delivering 802.1X as a software-defined cloud service, admins can embrace the benefits of 802.1X authentication by deploying a zero-touch solution that eliminates geo-redundancies. In a matter of minutes, admins can see and control every device connecting to their network and issue agents to monitor and control those devices with one swift action.

To find out how 802.1X authentication from the cloud works, read more in our White Paper, “802.1X Authentication Is Simpler Than You Think“, or TRY PORTNOX CLEAR NOW!

Revitalized NAC for LAN and Cloud

By | Cloud Security | No Comments

As long as enterprise organizations try to maintain private networks, the challenge of determining which devices are considered safe for entry will remain. Whether this access decision is made using physical or virtual enforcement controls does not matter much from a policy perspective. Organizations desiring private LANs will simply want something workable to determine which devices are allowed admission, and which are not.

Traditional enterprise local area security teams have relied on a technology known as network access control or NAC to provide such policy enforcement. NAC is sort of like transportation security at your local airport: You arrive at a checkpoint, you present requested credentials, you go through some careful screening, and then an access decision is made. None of this is convenient, and none of it happens instantaneously. But we all agree that it is necessary.

What are the prospects for NAC in a world where the traditional LAN is being rapidly evolved by mobile and cloud? And what of the disappointment many security experts have previously expressed with NAC?

Enterprise NAC faces challenges, and many 802.1X-based implementations burdened by unbridled complexity. But the prospects for NAC in the modern enterprise are dramatically improving, coupled with powerful means for extending such protections to the cloud. “Next generation network access controls for cloud,” according to Portnox CEO Ofer Amitai, “will be a critically important component of the virtual enterprise.”

The original approaches to NAC had several challenges from the outset. First, they tended to be vendor specific, with required endpoint agents, and mitigations based on network traffic manipulation. These methods carried considerable downside; for example, few non-trivial networks are built on the capability and offerings of a single network vendor. Even in the presence of standards, interoperability issues were often the root cause of problems.

Portnox has focused its NAC product efforts on addressing these challenges directly for both the enterprise LAN and the extended hybrid cloud (to include IoT systems as well). Seamless, agnostic coverage of multiple vendor deployments, for example, is one of the focus areas of Portnox – and this should be welcome news to any network security manager supporting complex functional requirements for the hybrid enterprise.

Perhaps the most evolved NAC consideration in the Portnox suite is its emphasis on visibility across access layers. Surprisingly, early attempts at visibility from NAC were downplayed, simply because the (stubborn) presumption was that access policy would be enforced at LAN admission time. This carries the logical assumption that only good devices would ever be permitted entry to the LAN – which we all know is not how things evolved.

All of this is good news for any CISO team operating on an existing perimeter-based LAN (which means essentially every CISO team), with clear transition on-going toward hybrid cloud. The requirements to protect admission and entry to the corporate network remains a control demand in every framework I’ve ever seen. It, therefore, stands to reason that teams should partner with NAC vendors who understand the present – as well as the future.

Tips to Stay Secure in the Mobile Enterprise

By | Cloud Security | One Comment

Enterprise mobility, or an approach to the workforce that enables employees to do their work from any location using available devices and applications, is a growing trend tied to digital transformation. In a 2016 survey conducted by Harris Poll, 90% of IT decision makers marked enabling enterprise mobility as a significant chunk of their IT spend due to its positive impact on workplace satisfaction, customer engagement, competitive stance and operational productivity. Yet despite the benefits of workforce mobility for a company’s business, there are a number of inherent IT security concerns that come along with the shift away from the office.

Enterprise mobility is strongly tied to BYOD trends in the enterprise that encourage employees to use their own smart devices (smartphones, tablets, laptops and watches) instead of investing extraneously dedicated corporate devices. The up-side of this trend is the budgetary savings, but the downside is that IT departments have less control over what’s connecting to the enterprise network and a weaker understanding of the vulnerabilities BYOD devices may introduce. Whether an employee intends to or not, their device may introduce cyber threats to the network that are difficult to control, as the device is not managed. Therefore, for companies that want to securely engage in BYOD and enterprise mobility, an agentless network visibility and control solution is essential, filling in the gaps on device health posture and providing methods to address threats, if they arise.

Another issue with enterprise mobility is location. Just as the location of a store is directly tied to how much it sells, the location of a connection, no matter where, is a good determiner of its security If an employee heads out on vacation with their laptop to do some work, you want to ensure that they can securely access company data without compromising it. Some IT departments set a range of valid locations from which employees can connect, but this limits the scope of activity for mobile, international organizations. Therefore, a network security solution that can provide visibility and automated methods of control will ensure that “sketchy” connections won’t jeopardize the safety of the entire network; and if they do, those connecting devices will be automatically blocked or quarantined until they are in a location with a safe connection.

A third, but by no means final, issue with enterprise mobility is that it is directly tied to the cloud computing trend. While this is great news, for a variety of reasons that we lay out here, many cloud applications only have rudimentary authentication methods that ensure the employee connecting is really who they say they are. Therefore, it’s important to have stronger authentication measure in place, either tied to a RADIUS server, Active Directory or based on a multi-factor authentication mechanism when they are connecting, be it over a wireless network or VPN connection. The cloud can definitely be trusted, but with the spike in cyber attacks such as distributed denial of service attacks and malware, it’s a good idea to add an extra layer of protection for accessing company documentation over the cloud.

The pace with which companies are embracing enterprise mobility leads many to believe that office building could soon be a thing of the past. However, it is important to remember that while employees may seem to have all the tools they need to effectively complete their tasks remotely – a laptop computer and phone connection – there is important network security ground to be laid prior to enabling this shift. By controlling access to the company network and its data, enterprises can safely engage in the mobility trend with the confidence that their network is as safe as it would be if everyone was still working from the office.

National Cyber Security Awareness Month is all about sharing knowledge to promote a safer and more secure internet environment for all users. When you hear of threats, inform your peers to prevent spreading, and always remain wary of what you search, receive and send over the internet. Awareness and education are the best ways to beat hackers!

Stay #CyberAware