Securing the Mobile Enterprise: Part 5

As we discovered in Securing the Mobile Enterprise (Part 4), technology has steadily progressed toward more open networks and shifted from handsets with limited capabilities to advanced handheld computers. This mobile revolution has led security experts to develop an evolved, four-part, multi-layered security strategy.

Having previously covered Endpoint Device Control and Authentication in the Network, today we will focus on the last two verticals within this end-to-end protection strategy.

Centralizing Network Traffic

While virtual private networks (VPNs) and encryption technology can help secure data as it travels the mobile network, it's highly likely that IT will not know about a mobility threat until a breach has occurred. Without visibility into what threats are lurking in the mobile environment, and where and when they're attempting an attack, IT is left in a risky reactive mode with little control over or insight into how to prevent future attacks.

In the next phase of the evolved mobile network security architecture, encrypted IP traffic from all enterprise smartphone devices will flow into one centralized location for inspection and cleanup. If a bot begins its attack on a smartphone, network administrators can be alerted as the bot attempts to make its way through the central gateway, where it can be shut down before proliferating across the enterprise.

A central gateway for all internet and enterprise traffic means a central gathering place for policy-based routing and security intelligence from any carrier smartphone accessing corporate resources. With centralized traffic management and aggregated, documented security information, companies can proactively mitigate and manage mobility risks and better monitor regulatory compliance with HIPAA, SOX, PCI/DSS and GLB Regulations.

The Network as a Risk Manager

In the fully evolved mobility architecture, smartphone security controls are moving from localized, user-managed controls toward Cloud-based, corporate-managed controls.

As a result, IT can worry less about weak passwords or ignored alerts. They won't have to rely on employees to configure personal settings to block spam or to maintain the latest malware protection. Instead, smartphone security finally moves from the hands of the user into the capable hands of IT within the Cloud.

With centralized and consistent policy control over how and where data is accessed, stored and moved across the mobile environment, companies can feel more confident about expanding the enterprise network to include smartphones as key productivity tools.

As an end state, this shift ultimately gives companies an opportunity to take advantage of emerging applications and new application services in the cloud.

Securing the Mobile Enterprise (continued)… Moving Forward

Recognizing the continual commitment of time, resources and funds necessary for 24x7x365 vigilance, we will conclude this six-part series with ideas for faster implementations, zero-to-low capital investments and minimized operational costs.

What type of mobility architecture are you deploying at your site? What issues have arisen that you wish you had known about before? Any advice you can give to those getting started with using the network as a risk manager? We look forward to your comments.

The Networking Exchange Blog Team