Cisco Blogs


Cisco Blog > Security

The Day I Lost My Mobile with Sensitive Corporate Data

November 26, 2012 at 8:18 am PST

It was a dark, cold, and scary night when I returned from dinner with friends and noticed that my mobile phone was missing. It had corporate sensitive data such as emails, calendar events, and documents, as well as personal data (including pictures, videos and other documents). Well, let me be honest with you, I didn’t really lose my phone. However, many cell phones, tablets, and other gadgets are lost or stolen on a daily basis. The problem of stolen mobile devices is huge. According to a report from the Federal Communications Commission (FCC) earlier this year, about 40 percent of robberies in Washington, D.C., New York, and other major cities now involve mobile devices. The FCC has teamed up with the nation’s top wireless carriers, including AT&T, Verizon, T-Mobile, and Sprint, to develop a database of stolen mobile devices.

Allowing employees to access corporate email, critical business applications and data makes workers more productive and effective. Finding just the right balance when allowing easy access to the applications that users need to be more productive, while maintaining the integrity and security of enterprise resources, will give your organization a competitive advantage.

Stolen and lost devices are among the many challenges of mobile device security.

Read More »

Tags: , , , , ,

Live Broadcast: John N. Stewart to Discuss Cyber Security for the Holiday Season

The National Retail Federation predicts that Holiday Shopping this year will grow to $586.1 billion, with a record percentage of those purchases occurring online and from mobile devices.

As more shoppers make purchases online and on their mobile devices, Cyber Monday is fast becoming Mobile Monday, opening up a variety of new threats and challenges for shoppers. And even after the shopping is done, consumers need to take care when they open their presents and turn on new devices for the first time, and know what to expect when they bring their purchases to work or school in early January.

Join us on Wednesday, Nov. 28 at 10:00 AM PT for a live discussion with John N. Stewart, SVP and Chief Security Officer of Global Government and Corporate Security at Cisco. John will address topics ranging from how to stay safe while shopping online, tips for securely setting up gifts you receive, and how to safely bring new devices into work and school in the new year.

Read More »

Tags: , , , ,

November 20th Webinar: Protecting Industrial Control Systems Using Cisco IPS

We invite you to join us for a webinar scheduled for 20 November 2012 where we’ll discuss how to protect Industrial Control Systems using Cisco Intrusion Prevention Systems (IPS).

Industrial control systems is the term used to identify several types of control systems, including supervisory control and data acquisition (SCADA) systems, process control systems (PCSs), and other smaller control system types, such as programmable logic controllers (PLCs), used in critical infrastructure such as power plants, oil and gas pipelines, electrical power distribution, and manufacturing facilities.

Historically these control systems were kept separate from the corporate network.  Because of this isolation they were traditionally difficult to break into because of their separation for health and safety reasons.

More recently, control systems may be running Windows or Linux, using the Internet Protocol (IP) to communicate, giving direct access to SCADA networks via the Internet. Wireless and Bluetooth capabilities allow remote management and diagnosis. These connections to the outside create a massive challenge from a security perspective for the following reasons:

Read More »

Tags: , , ,

AnyConnect 3.0 for Android Product Announcement

Following up on my last note about BYOD at Cisco, I wanted to update you on the latest numbers here at Cisco. As Sheila Jordan had pointed out here, we have surpassed the 20% tablet penetration among our workforce and mobile devices continue to grow at a rate of 1,000 each month. I highly recommend you doing a quick read on her six steps of approaching device deluge. Meanwhile, the latest IDC report (Aug 8, 2012) reaffirms the 2-horse race in the smartphone world. Android and iOS powered 85% of all smartphones shipped in the second quarter of 2012 (2Q2012).

Maintaining our market leadership in supporting the broadest set of Operating Systems (desktop and mobile) and Web Browsers, Cisco Security is excited to announce the availability of AnyConnect 3.0 for Android (Download here). As in the past, we have worked with the market leading Android device makers along with supporting the Android VPN Framework (AVF) to ensure the latest AnyConnect functionality. These new features are now available on any Android device running on version 4.0 (Ice Cream Sandwich) or higher (including Jelly Bean).

SOME KEY FEATURES OF ANYCONNECT 3.0 FOR ANDROID:

  • Intel Android (IA): The Android VPN Framework (AVF) image is now compatible with x86 Intel Android devices.
  • IPsec IKEv2: AnyConnect users can connect via IPsec IKEv2 connections to their corporate Cisco ASA in addition to SSL (TLS or DTLS). (Requires ASA 9.0+)
  • Suite B Cryptography: AnyConnect users who need NSA’s recommended Suite B Cryptography will be now able to do so from their mobile devices. (Requires ASA 9.0 and AnyConnect Premium Licenses.)
  • Untrusted Certificate Warnings: Reduces Man-in-the-Middle attack risk by rejecting untrusted certificates by default and requiring end-users to acknowledge risks before connecting to a gateway with an untrusted certificate.
  • SCEP Proxy: AnyConnect users can enroll their mobile device with an internal Certificate Authority (CA) Server, using SCEP without opening up the CA Server directly to external threats. (To embed the identity of the mobile endpoint in the certificate request, Mobile Host Scan must be utilized, which is an AnyConnect Premium License feature).
  • FIPS 140-2 Compliant: AnyConnect users now have access to the latest FIPS 140-2 cryptographic compliant module to meet industry compliance/mandates.

Read More »

Tags: , , , , ,

BYOD Presentations at Cisco Live Cancun 2012

November 15, 2012 at 4:31 pm PST

I just returned from Cancun after delivering a BYOD seminar, as part of Cisco Live Mexico 2012. Bring your own device (BYOD) was a hot topic at Cisco Live in Cancun. There were several in-depth presentations regarding the architecture, design, implementation, and troubleshooting of all the technologies related to BYOD. I had the pleasure and opportunity to deliver a presentation related to remote access VPN implementations related to BYOD, as part of an 8-hour seminar:

  • TECRST-2020 -- Bring Your Own Device -- Architectures, Design and Operation.

Other BYOD-related sessions delivered this week were:

  • BRKEWN-2020 -- Securely Managing the BYOD Phenomena
  • BRKCOC-1567 -- Inside Cisco IT: BYOD… Coping with the Explosion of Mobile Devices in the Enterprise

Imran Bashir provided a detailed introduction about BYOD and the key considerations when implementing BYOD solutions and technologies in your environment. He then went into the details about the Cisco BYOD solution and the integration with the Mobile Device Management (MDM) solutions from other vendors and partners. This was followed by product demonstrations for device on-boarding, profiling, posture/compliance check and the integration with MDM third-party solutions.

Read More »

Tags: ,