5 Real-World Tactics to Protect Your Enterprise Business


Published on

It’s a time where speed matters more than ever before.

Businesses need to run at such a rapid pace that at times it has to take security risks that can cause all kinds of havoc to a communications network.

That’s especially true when you consider what happens when people travel. The data and information is a bit more vulnerable, creating a “mobile blindspot,” that has to be monitored. This brief from Qwest explores five real-world tactics that you can use to enhance mobile security in your organization so you can avoid those mobile blind spots and keep your organization moving at that ever quickening pace.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

5 Real-World Tactics to Protect Your Enterprise Business

  1. 1. Avoid the Mobile bliNd Spot: FiveReAl-WoRld tACtiCS to pRoteCt YouReNteRpRiSe NetWoRkSSuppor t your 24/7 workforce with safe and flexible remote access.ExEcutivE OvErviEw — tactics EnablE flExibility and prOtEctiOn fOra prOductivE wOrkfOrcEToday’s successful businesses run at the speed of light, requiring According to an IDG Researchemployees and corporate assets to be available and accessible 24 Services survey conducted inby 7. Enterprises need to find a way to allow rapid, flexible access 2008, 81% of responding CIOswhile protecting themselves from serious risk. When employees reported being concerned abouttravel with corporate data on laptops and other portable devices it reputation, while 79% werebecomes increasingly harder to manage, and control such data, or worried about legal consequenceseven know if it’s being protected, thereby creating a “mobile blind of a security breach.spot” that has the potential to wreak havoc on your corporatecommunications network.Identifying key mobile blind spots and taking steps to protect data in transit is critical to protecting yourbusiness. This paper outlines five real-world tactics that you can use to enhance mobile security in yourorganization. These tactics will help provide your workforce with the flexibility it needs to be productiveanywhere, anytime, while protecting valuable corporate assets and the enterprise network against imminentsecurity breaches and risk in an expanding mobile world.bEwarE Of thE mObilE blind spOt — significant risk at stakEIncreasing busy lifestyles mean that employees must have the flexibility to work remotely to stay productive. However, suchflexibility requires remote access over often unsecured Internet connections. Employees log on at WiFi hotspots in coffeeshops, airports, hotels, remote offices, client offices and from home. They access corporate networks over laptops, smartphones, and other portable wireless devices. Although this trend toward mobility can improve productivity, it also putscorporate networks at significant risk.When employees work remotely from wireless devices, they create a mobile blind spot. Simply put, corporate ITdepartments cannot monitor what’s happening on those mobile assets once they log off the network. They cannotguarantee the security of the corporate data on those devices, and they lose visibility into who is accessing corporatedata or, even worse, who might have access to the corporate network from those devices. A lost laptop with confidentialinformation or network passwords could cost a company millions in data loss, network downtime, stolen information, legalcosts and reputation.By enabling employees to work remotely, IT departments have moved the datacenter to a collection of mobile devicesthat travel to the dinner table, the coffee shop or little league field. The LAN is no longer the prevailing IT architecture forconducting business in the 21st century. The Internet is now the corporate network. The question is how do you adoptthis more productive, more flexible way of working while keeping corporate assets secure? Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 1 All marks are the property of the respective company. September 2009. WP101111 1/10
  2. 2. This question keeps CIOs up at night. According to an IDG Research Services survey conducted in 2008, 81% ofrespondents reported being concerned about their reputation, while 79% were worried about legal consequences of asecurity breach. Roughly 74% were concerned about losing critical data, while 58% listed compliance as a major concern.Validation for these concerns is only going to increase. More and more hackers are trying to siphon proprietary data off ofcorporate networks because it is a lucrative albeit illegal business. A balance must be created between maximizing employeeproductivity and preventing security breeches that can be devastating to the company whose network is infiltrated.fivE ways tO rEducE risk in a mObilE wOrkfOrcE and incrEasE EfficiEnciEsHosted services are being adopted quickly by companies interested in providing worker flexibility, increasing productivityand maintaining high levels of security. With proper planning, it’s possible to replicate the security characteristics of a LANthrough a cloud-based, hosted computing model, where dynamically scalable and often virtualized resources—applicationsand services—can be accessed and used over the Internet. Through this hosted model, companies can employ key tacticsthat help minimize the mobile blind spot and increase work efficiencies. These five tactics include:1. Ensuring visibility through continuous network monitoring.2. Protecting business end points from theft and infiltration.3. Safeguarding data at rest and in transit with encryption technologies.4. Tying access to directories, identities and roles.5. Enforcing productivity by extending office resources to employees working anywhere.Ensuring visibility with continuous monitoring — tracking Esssentials increases productivityNo insight equals no awareness. If you’re not aware of what’s going on in your network, your data could be at risk. An IToperations tool that can provide visibility to all corporate assets, including laptops, USB drives, phones and other portabledevices is essential to preventing breaches. Such a tool provides a single pane of glass through which IT staff can monitorall mobile devices carrying corporate data and helps enforce policies based on visibility; in other words, if the IT departmentcan’t track activity on a device, access over the corporate network will be denied.Monitoring services help reduce risk by enforcing devices are in compliance with corporate security policies, and byidentifying devices that are out of compliance. They determine whether or not devices are running the right versions of theright software with the appropriate access rights. The service should also provide reporting on failed compliance and be ableto take actions to remediate the issue. Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 2 All marks are the property of the respective company. September 2009. WP101111 1/10
  3. 3. Some monitoring services provide a dashboard from which administrators can easily check policy compliance on all devicesconnected to the network to assist with remediation. For example, an administrator can glance at the dashboard andsee that an executive is attempting an important task but can’t complete the task because his device is lacking a particularsoftware update necessary for compliance. Because he has this visibility, the administrator can immediately address theproblem and help the executive complete his task. In this way, monitoring tools help increase productivity and ensurebusiness continuity.protecting business Endpoints — requirements for complianceA second tactic to improving mobile security is to protect and update business endpoints—that is, mobile computers andany other device used to access corporate data. This is critical, even when the endpoint is not connected to the LAN.Users can connect to the Internet and unintentionally download viruses and worms that can infect the machine, whichcan in turn transfer the virus or worm to the corporate network once connected. Protection from startup to shutdown,anywhere the device is used, is necessary. All devices should have all the security controls in place, including encryptionsolutions and passwords, to be in compliance, both on or off the network.In the cloud, a hosted platform can provide monitoring to enforce policies and remediate out-of-date software on all non-compliant end points, or block non-compliant endpoints from connecting to the corporate network. These hosted servicescan speak to remote devices, gather compliance information and report back to the corporate network, displaying theresults on the administrator’s dashboard. This capability helps narrow the mobile blind spot significantly. Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 3 All marks are the property of the respective company. September 2009. WP101111 1/10
  4. 4. safeguard your business — maintaining your company reputationWith so many mobile workers, businesses cannot ignore the potential for loss or theft of corporate assets. What happenswhen an employee stops somewhere on the way home, leaves his computer in his car, and someone breaks into the carand steals it? Now, any sensitive data on the machine is vulnerable and in the hands of unauthorized people.Data protection is particularly important to a company’s reputation. You want to make sure your customers know theycan trust you will keep their information secure.Encryption technologies are the most common way to protect data at rest. Companies should employ hard driveencryption solutions that make all data invisible to thieves. Data leak prevention for data in motion prevents the leakage ofsensitive data by inspecting the content of files based on set policies and taking appropriate action.tie access to directories, identities and roles — protected access of corporate resourcesMost companies allow teleworking for a number or reasons. Teleworking supports green initiatives and offers employeesthe flexibility to work anywhere and thus be more productive. But is there a better solution for enabling remote workingthan buying, distributing and managing large laptop inventories?One way to minimize hardware costs is to leverage home computers that most workers already have. Companiescan provide access to corporate resources via USB drives and mobile keys, for example. Remote workers can sign onremotely by entering credentials using any personal computer, and have a desktop view of their work PCs at home. Withsingle sign-on, employees gain remote access to corporate resources, without having to physically take a laptop out ofthe office. This eliminates the risk of losing data through device theft or loss. Policies can be layered onto this model toprevent copying and pasting information from work desktops to personal devices, as well.minimize non-productive activity — Enforce policy with controlsAlthough teleworking can increase productivity by extending office resources to anywhere employees are, it’s importantto enforce that employees are indeed working when they are not in the office. In a down economy, acquisition decisionsweigh in productivity statistics heavily. Despite the demand for mobility in the workforce, unsupervised employees can beeasily distracted by personal business, such as email, web surfing and instant messaging.To prevent lost productivity that can result from an increasingly mobile workforce, put policies in place and then enforcethem through specified controls:• Establish a percentage of personal to business activities that remote workers should strive to achieve—75% may be a good goal.• Standardize on a single platform and limit ability for use of that platform outside company boundaries. For example, you can place a gateway in the network to archive all conversations between employees.• Notify employees that IM conversations are monitored and that logs are stored for managerial review.• Require manager approval for external messaging access.• Use software controls to restrict employees to using a company-wide platform only, and turn on the monitoring function.• Collect usage stats and generate reports to support disciplinary action.Keep in mind that even if you tell your employees you’re monitoring their usage, the reality is no one has time to actuallygo through all the logs. Send an email to every manager with a link to a log file of instant message files for each of theirreports. Suggest that managers review those links once a year.. Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 4 All marks are the property of the respective company. September 2009. WP101111 1/10
  5. 5. thE pEOplE and prOductivity havE lEft thE building — yOur sErvicE prOvidEr can hElp The truth is, business don’t have mobile and non-mobile workers anymore; every worker is mobile at some point. A workforce that has the flexibility to be creative and the freedom to lead balanced lives will be more content and loyal, and capable of moving the company forward. However, cyber crime is a recession-proof industry, and as the number of incidents continues to increase, so do security and compliance requirements for mitigating risk. Implementing the right policies and tactics will help you reap the benefits of mobility, without the risk. Companies that let the goal of preserving brand integrity guide their budgetary decisions develop strategies that make sense and make the most of the dollars in their budget. Here are a few things to keep in mind: • Objectively assess the number of mobile devices in your network and create a realistic security budget line item. • Identify key risk areas of your business—and determine what tactics make the most sense. What are the cost savings and impact to your business in terms of reputation, stock price, valuation and risk prevention? • Choose a provider who will work with you to consolidate architectures and provide an integrated approach. • Stay in touch with your service provider and stay abreast of the tools available to you to help reduce risk and eliminate the mobile blind spots. CoNNeCt. SiMpliFY. eNhANCe. ® with Qwest Business Solutions® Qwest is focused on helping you work smarter, with services that leverage the latest technology and award-winning support. Here are a few solutions that can address the issues covered in this solutions brief: QwEst mObility™ Qwest Mobility lets you expand your business with a reliable, managed mobility solution. Qwest Mobility simplifies the management of security features and company policy for desktop and laptop users, whether traveling for business, working from home, at the office or temporarily assigned to non-office locations. This is an ideal service for customers needing a solution that seamlessly integrates all necessary components for endpoint enforcement, remediation, VPN client integration, disk encryption and data leak protection. managEd sEcurity sErvicEs With Managed Security Services, Qwest can administer and monitor your network on your behalf while you concentrate on other mission-critical elements of your business. Let Qwest allow you to focus on what’s important—your business. And, save you time and money through the use of our expert tools, skills, and processes to improve system uptime and performance, optimize security investments, improve employee productivity, and demonstrate compliance. Tools such as Qwest Anti-Virus/ Anti-Spam, Qwest Web Defense, and Qwest Managed Firewall create layers of protection to help reduce the costs and complexity associated with managing security while preventing the impact of security threats.why QwEstQwest delivers reliable, scalable data and voice networking solutions, across one of the U.S. largest fiber footprints.Qwest serves businesses of all sizes, ranging from small business to 95 percent of Fortune 500 companies, with industry-leading SLAs and world-class customer service.lEarn mOrEFor more information about Qwest voice and data services for large businesses, visit www.qwest.com/business or call(877) 816-8553 to speak to a Qwest representative. Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 5 All marks are the property of the respective company. September 2009. WP101111 1/10