Keep mobile devices secure

(19/04/2007)

Security managers invariably make compromises when selecting security solutions for their remote workers while trying to balance key dimensions including:
· Strength of protection
· Implementation and maintenance cost
· Restrictions upon access to corporate data
· Restrictions imposed on users to prevent them compromising the security solutions
· Usability of the technology
· Effect on mobile device performance

With laptops sales outstripping PC sales for the first time ever, protecting the mobile workforce is heading to the top of the list of IT security concerns in 2007. As this trend for laptop use and wireless networking grows, the market has responded with a fast expanding range of products designed to protect networks from threats, which range from organised crime, Trojan horses, rogue access points, viruses, worms, hackers, malicious code writers and denial-of-service attacks.

It is well known that the problem of coordinating and managing multiple client security technologies across the enterprise is driving the convergence of products such as anti-virus, anti-spyware and personal firewall. This is happening widely at an SME and enterprise level through UTM technologies which some believe are more powerful and effective than standalone solutions.

However, while IT professionals rely on these integrated solutions and will primarily focus on hardware-based security appliances to protect an organisation’s perimeter, roaming workforces are not afforded the same level of protection. Currently, as soon as a user packs up his laptop and leaves the protected enterprise environment, all the investment and professional effort that built the corporate security gateway becomes null and void.

Outside the corporate network laptop users are at the frontline with no first line of defense. The first line of defence is the gateway which is largely based on a comprehensive set of IT security appliances running secured and hardened OS, with Firewall, IDS, IPS, Anti Virus, Anti Spyware, Anti Spam and Content filtering. The second line is based on the Personal Firewall and Anti Virus software installed on end-user’s computers. When implemented on a laptop, this first line of defence prevents threats from entering the device and via it the network. With increasing laptop use, a shift to extending the common fixed computing practice of two lines of defence is inevitable.

Increasingly sophisticated ‘on the road’ attacks, demonstrate to some degree how best of breed software on a laptop will potentially always need an additional layer of security as:
§ Operating Systems suffer inherent vulnerabilities - by definition, security software running on Windows is subject to inherent Windows vulnerabilities, effectively exposing personal firewall and antivirus applications to malicious content attacks.
§ Unknown threats – security software can only defend against known threats. By the time these threats are added to the knowledge base, it may be too late
§ Immediate damage - malicious content executes directly on the platform to be protected, rather than on a security appliance designed to filter the content and serve as a buffer
§ Management of security levels – making sure all the computers have installed the latest security updates and enforcing a unified security policy can be very difficult. When the computers themselves are at the frontline, these security weaknesses can be disastrous to the entire network. In other words, it’s “all or nothing”, either the entire network is secured or nothing is secured

With this in mind, IT security managers need to find different and better ways to keep mobile devices secure irrespective of where they find a connection to the network. By looking beyond current software only solutions and combining them with hardware appliances many of the advantages enjoyed by fixed computing can now be transferred to shield mobile computers, which are increasingly under attack as the most vulnerable parts of the network.

Article contributed by By Shlomo Touboul, CEO, Yoggie Security Systems. Yoggie Security Systems is exhibiting at Infosecurity Europe 2007, Europe’s number one dedicated Information security event.

Related topics:  IT Network and Computer Security   Security market sectors 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources