“It’s not secure enough… so we are not going to allow it to happen.”
Does this phrase seem all too familiar?
Today, IT and business leaders are faced with the challenge of securing any user from any location on any device with access to any information. At times, it can be a daunting road to travel on the path towards true enterprise mobility security. This is especially true as the combination of sophisticated threats and new mobile capabilities and applications are continuing to shape the role and evolution of security controls and policies.
As the mobile endpoint becomes the new perimeter, how can organizations evolve their mobility security policies to mitigate risk? Is protecting information at the data or device level the way to keep employees and assets secure when users conduct business on untrusted networks?
Recently, I had a chance to participate in a new Future of Mobility podcast with Dimension Data’s Stefaan Hinderyckx, to discuss the biggest challenges our customers are seeing as they deploy enterprise mobility security solutions.
Many CSOs that Stefaan speaks with are seeing the clear and present danger of opening their networks, devices and applications to a new mobile world. Yet, many are not shying away from the benefits that enterprise mobility offers. They say:
“Mobility is inevitable. It’s happening and we need to embrace it and deliver it for the business.”
With this in mind, how can IT and business leaders address key challenges and embrace a holistic approach to secure enterprise mobility?
Complexity: There Are No Boundaries Anymore
One of the biggest challenges our customers are seeing is the increase in complexity as they work to meet business needs through mobility, all while keeping users and assets secure.
Simply put, there are no boundaries anymore. There is no place you can put a firewall to make things secure on the inside and insecure on the outside.
A major reason for this complexity is the result of approaching security in a siloed manner. It can be complex to try to secure the device, data on the device, the user and the network in a disparate way!
IT and business leaders need to work together to make the whole environment secure. It is no longer enough to find point solutions to data-centric or device-centric controls, the only way to be confident in your approach is to build a holistic strategy.
Read More »
Tags: access control, Data Classification, Holistic Strategy, mobility, policies, security, Security Control
I remember growing up in the UK years ago during the UK’s ‘North Sea Oil Boom’. It was a time of great excitement and opportunity for the nation. A whole industry was developed to deal with offshore exploration to ‘bring the energy home’.
It was Aberdeen’s local ‘moon landing’ event - just five months after Neil Armstrong landed on the moon, the North Sea oil fields were discovered off the east coast of Scotland. Certainly parts of Scotland, Aberdeen especially, saw an uptick in employment from the gloomy ’60s, and the economy changed from rural farming, fishing and textiles to include a more industrial oil and gas setting. Employment, property prices and investment in the City boomed.
Ferguson is a great Scottish name, but the founder is a great example of how folks were attracted from outside Scotland (founder Bill Ferguson Jr. is an American) to help further the oil industry in Scotland. Today, Ferguson Group are a key part of the Aberdeen economy, as a leading suppliers of containers, accommodations, and workspace modules for the offshore energy industry (now worldwide).
I thought I’d share how Ferguson conquered a business challenge -- namely protecting high-value equipment and, at the same time, use a standardized system and process worldwide whilst keeping up with industry security standards.
As Graham Cowperthwaite said in a recent article: “For years our headquarters in Scotland relied on an analog video security system”. Graham is director of operations at Ferguson Group, and went on to say “That system wasn’t meeting our needs in terms of image quality and remote accessibility.” He added: “For example, our board members are often traveling between bases, and want to have the ability to check back on facilities from any networked location, even from an iPad. We simply couldn’t do that with an analog system.”
So Ferguson switched from a an analog security system to an IP-based solution, from Cisco. And it wasn’t just cameras and door hardware. They also needed to consider the security and reliability of the network on which camera images and access history would be transmitted and stored.
“We looked at other physical security offerings on the market, but nothing came close to Cisco in terms of comprehensiveness,” says Graham Cowperthwaite. “Only Cisco could provide us with a total combination of Cisco IP video cameras, door readers, firewalls, and routers, all available globally with the highest levels of vendor support. We were already a Cisco house in terms of our network infrastructure, and the interoperability of these solutions fit in perfectly with our goals for standardization.”
Ferguson Group now relies on the Cisco® Video Surveillance Manager to monitor its entire facility in Aberdeenshire, including doors, buildings, and the many valuable assets in the company’s storage yard. Supervisors on the Ferguson network can access live, high-quality footage on a laptop or mobile device. They can even review recorded footage as necessary. This all runs on an integrated Cisco architecture (based on Cisco Desktop Virtualization with VMware (VXI), running on the Cisco Unified Computing System™ (UCS®), for the techies amongst you!).
The business results? Read More »
Tags: access control, Energy, ferguson group networking, ip video surveillance, oil and gas, physical security, rigs, security, UCS, vdi, vxi
Cisco IT is deploying Identity Services Engine (ISE) globally. ISE is a security policy management and control platform that automates and simplifies access control and security compliance for wired, wireless, and VPN connectivity. We’re running ISE 1.2 Patch 3 globally and evaluating Patch 5 for its guest networking enhancements. Over the next few months, I’d like to share some of our best practices and lessons learned as we continue our ISE deployment. Much of the background and deployment work before my blog can be found in this published article. Read More »
Tags: access control, Cisco IT, coc-security, Identity Services Engine, ISE, it security, security, security policy management
This past weekend was Mother’s Day here in the United States, and being a mother of two high-tech savvy teenage children, I pondered what my kids has in store for me. I was surprised with the latest iPad! Eventually, I started asking myself: would Cisco allow me to use it for work?
Luckily, Cisco has a BYOD policy in place and a long-term vision for an Any Device, empowering our employees to use the device they want to be productive. For other working mothers who may have also gotten a new iPad or mobile device for Mother’s Day, what does your company say about using this new personal device? Will you “Lock It Up or Free It Up”? (a notion introduce at RSA conference this year). How will IT department respond to this request?
One of the biggest concerns folks have for BYOD is security. Just this past week, Cisco was showcasing our Secure BYOD solution at Interop, with the TechWiseTV folks sitting down with my colleague Bill McGee to help you answer the call of mobile devices on your corporate network. Take a look at the video for yourself, but blurring the lines between personal and corporate device doesn’t pose such a security challenge anymore. Related to this topic, we are holding a webcast May 16th focused on the Network Built for the Mobile Experience. You can join our CTO and SVP, Padmasree Warrior, along with stories from British Telecom and Eagle Investment on how they are transforming their workplace, and allowing their employees to work “Your Way” without compromising the business. For more details click here, and for those who want to continue this conversation--
Working Mothers: I would like to hear from you -- did you get that new mobile device this Mother’s Day or do you already have a neat personal device -- Do you bring it into work? Do you share it with your family?
IT departments: What is your BYOD policy is, and are you busy provisioning all those new mobile devices from this past weekend?
Tags: access control, byod, byod security, mobile devices, Mother's Day, working mother
I have a confession: I’m a technology late-adopter. On Rogers’ Innovation Adoption bell curve, I probably fall somewhere in the ‘late majority’ — I like the tried and true.
But with a few years and many advances, I’m back on Facebook (my short experience with it left me with privacy paranoia), and if you can believe it, I’m now an iPhone user. I appreciate not lugging around my iPod, and having a camera ready whenever I need it, but it’s not only the extra bells on the integrated device that has impressed me -- it’s the realization that I don’t have to compromise functionality to have it all.
Another technology that has made a lot of strides since its entry into the market is integrated router security. Read More »
Tags: access control, asr 1000, Cisco ISR G2, firewall, security, TrustSec, vpn, VPN routing/forwarding, WAN