While mobile computing has enabled a more connected, productive and mobile workforce, it has created challenges for companies when it comes to protecting networks and business data, so much so that most companies see it as one of the biggest pain points of IT security.
"With the mass proliferation and use of mobile devices, and a growing mobile workforce which crosses over from one device to another between the office and home and while on the move, it`s become a huge challenge for companies to secure all those endpoints as well as the connectivity to the corporate network for those devices.
"Companies recognise there is a new and evolving need to step up security and controls for mobile devices and remote access to their networks. However, whether they`re doing enough of the right thing is questionable," says Dries Morris, operations director at Securicom, a South Africa-based IT security services provider.
Research earlier this year by one of the top security vendors showed that 52% of companies consider mobile computing one of the top IT security challenges, and that a lot of them are planning to add more staff and invest in new technologies to deal with mobile and Web security.
In the meantime, Morris expects that most companies are pretty much wide open to attack, as the business and employee imperative to work on the fly overrides security concerns. But, he says companies shouldn`t be blas'e about stepping-up mobile and remote security, as more and more companies are experiencing security breaches, both from hackers on the outside and employees on the inside, often unintentionally.
Seventy percent of respondents in a survey of more than 3 000 by Symantec said they had experienced attacks in the past 12 months. Ninety percent of them had reported losses from IT security incidents. The top three losses were downtime, theft of intellectual property and theft of corporate data.
In South Africa, 20% incurred at least R1.7 million in expenses relating to IT security attacks within the last year. Respondents said the top sources of those costs were lost productivity, lost revenue and direct financial costs.
"If companies are to put up an effective resistance to ever-increasing and always-evolving security threats, as well as internal breaches, they`re going to have to reshape their IT security strategies to better reflect the changing IT landscape. Traditional, routine network-level security interventions are ineffective against newer threats associated with mobile computing, social media and employee access to business systems and information," says Morris.
For small and mid-sized companies with smaller budgets, employing dedicated resources to watch over the security of roaming and remote endpoints and the connections those machines have to the corporate network is simply unfeasible. But that doesn`t mean they can or should ignore the threats associated with them.
"A managed services strategy would be a far more sensible way of dealing with the challenge of protecting the network and data in an increasingly mobile business environment," says Morris.
Securicom`s Managed Endpoint Protection (SEP) solution gives companies tight and full control over all mobile and remote machines, no matter how many there are or where they are. The solution integrates essential security technologies such as anti-virus, anti-spyware, desktop firewall, intrusion prevention, device control and application control. These technologies are deployed as one agent on each machine to provide advanced threat protection.
It is a fully managed service, and the endpoint protection infrastructure, and ultimately the health and security of each machine, is centrally managed in the cloud. Security content updates are applied to all servers and endpoints automatically and routinely (regardless of whether the machine is connected to the corporate network) to ensure these assets are protected against the latest threats, even when roaming.
Although hosted upstream, company administrators have access to an online dashboard with nifty tools for checking and controlling endpoint security. They can restrict certain activities deemed as suspicious or high-risk and can even lockdown machines. This is helpful in the event of a theft of a machine in order to prevent data leakage. Securicom`s engineers are available around the clock to advise on remediation of events on protected machines.
Coupled with Securicom`s SSL VPN service, which gives mobile workers access to business applications, e-mails and files without being physically connected to the corporate network, companies can effectively secure roaming devices and remote machines, as well as provide mobile users a secure, encrypted connection to the corporate network - all without employing dedicated resources to manage it all.
"Sure, mobility creates security challenges for businesses. But, when you have the right interventions in place and have access to people who know what they`re doing, it`s less onerous, and certainly nothing to be overwhelmed by," concludes Morris.
Share
Securicom
Securicom is a specialist IT security management and consulting company offering an end-to-end range of fully-hosted and managed IT security services.
All Securicom`s solutions utilise world-leading technologies, which are innovatively packaged together for their individual strengths and combined with Securicom`s expertise, to deliver comprehensive protection against known and emerging threats.
Securicom`s services include: advanced e-mail content filtering and management (e-Purifier); hosted e-mail archiving and retrieval (MailVault); e-mail branding (e-Branding); vulnerability scanning (Securiscan); perimeter protection (Managed Firewalls); optimised wide area data services (Managed WDS); remote access security (Securicom SSL VPN) and Optimised Remote Access Services; and WebSecure, which inspects, filters and cleans inbound and outbound Web traffic to combat browser-based threats such as bots, phishing and other malicious active content - this product is only available in Namibia at the moment.
Securicom has offices in Johannesburg, Cape Town, Namibia and London, and offers its services in 10 other African countries.
For more information on Securicom, please visit www.securicom.co.za.
Editorial contacts