Cisco Blogs


Cisco Blog > Security

Minimize Threats from Non-Corporate Mobile Apps

November 14, 2014 at 7:18 am PST

Our customers are continuing to feel the pain of having to increasingly support off-premise mobile devices like smartphones and tablets. The critical need to rapidly onboard these devices to connect to corporate services and applications pretty clearly provides business with a  competitive advantage (Cisco Enterprise Mobility Landscape Wave II Study – April 2014) in improving workforce efficiency.

Consider the sales person who needs to check a customer order from his corporate- sanctioned tablet in the customer’s lobby.  Look at the contractor with their personal smartphone who needs to access project emails from home.

What is the big problem? The rush to provide access to these off-premise devices means we have reduced or even discarded needed security controls when it comes to remote connectivity for mobile devices. Offering access from any device, any location, anytime, opens the door to potential security threats.  The mobile endpoint is a threat vector with 68% of organizations saying their mobile devices were targeted by malware in the last 12 months (Ponemon Research.)

What if I secure these devices using VPN technology in the same way as laptops? While, ”Turning On” VPN on any endpoint means that all traffic and applications (personal and enterprise) are all transmitted over the same VPN channel to access corporate networks.  This co-mingling of corporate and user apps allows the possibility of un-compromised user applications polluting corporate infrastructure and increases the risk of threats to the network.

So now what? I don’t want to enable VPN every single time I try to look up a document or use salesforce.com or access email. That increases the complexity for the user and gives them a reason to either find a way around the process or nullifies the efficiency business want to promote with their mobile workforce.

The answer lies with the introduction of Cisco AnyConnect 4.0 offering  customers the ability to deliver per-application secure access for only approved corporate applications in way that is seamless to the user.  By just clicking on the registered corporate application I want to use, I can automagically create a secure connection for JUST that application each time. This means I don’t mix access to corporate resources between authorized applications and potentially infected user applications. It even reduces bandwidth and IT resource usage since user applications do not get tunneled back to corporate and has to go through user networks (mobile or WiFi).

PerAPP

Enterprises want to empower their mobile users to work from anywhere while IT wants a simple way to control and secure enterprise access consistently across any device whether on or off-premise.   AnyConnect continues to evolve to provide integrated and flexible security and access control for any remote and/or mobile endpoints.

AC

 

 

 

 

To learn more how to better secure your remote endpoints, check out Cisco AnyConnect

Tags: , , , ,

The Foundation for a Business Relevant Network

With the growing influx of new mobile devices, connected things, bandwidth intensive applications and more data, the network is more relevant to business success than ever before.  Back in June of 2012, Cisco saw that we needed to move away from multiple network systems loosely linked together to an agile and simple infrastructure, streamlined policy and centralized management would be needed to support new business demands. We called it Cisco Unified Access and we aligned the solution to three pillars: One Network, One Policy and One Management.

For the last few years, we have focused on delivering new products and functionality under this Unified Access model. Below is a timeline of products released as part of the Unified Access framework. Cisco lead the way in delivering gigabit 802.11ac Wi-Fi., converged wireless control in access switches and through the acquisition of Meraki – a complete cloud-managed network solution.

foundation

The timeline above doesn’t represent every feature and function we have delivered, but it shows Cisco’s commitment to this Unified Access model, both from a cloud-managed and on-premise solution perspective.

Today, Cisco is announcing a number of new products and new functionality to existing products that will help mobilize the workforce, secure the business and increase IT agility. The announcement includes the following: Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Improving Email at Cisco Part 2 – The Employee Process Side

I’d mentioned earlier (see Improving Email at Cisco Part 1 – The IT Technology Side) that email has its ugly side:

  • Too many
  • Most of them are a waste of time
  • Emails will, occasionally, carry virus payloads (or link you to sites that have worse); and yet
  • I can’t live without it Read More »

Tags: , , , , , , , , , ,

Security: Front and Center at Cisco Live Cancun 2013

November 12, 2013 at 5:00 am PST

This year I was honored to be able to present and participate at Cisco Live Cancun, which took place last week. Many attendees from North, Central and South America and the Caribbean came to discover innovative ways that networking technologies can help them reach new markets and understand which solutions are right for their specific challenges.

Security was a hot topic this year!

Customers were able to connect with numerous experts for guidance and advice on security IT challenges that their company may be facing. Maintaining an appropriate security posture in “Bring Your Own Device” (BOYD) environments can be a challenge. This year I delivered a presentation about BYOD Security and Cisco’s TrustSec in an 8 ½ hour session titled “Bring Your Own Device – Architectures, Design and Operation” (TECRST-2020). Implementing BYOD requires a comprehensive solution that ensures the security and reliability of the network while enhancing user experience and productivity. The exponential growth of consumer devices and the need to maintain continuous connectivity to corporate and Internet resources has brought new challenges to corporate networks. Network managers struggle to provide adequate connectivity to employees while protecting corporate data. This session focused on the architecture and framework required to deploy the proper network infrastructure, security components and device management to support different endpoints, each with unique permissions into the network. A combination of lectures and live demos provided the information needed for customers to build an effective BYOD solution. The latest Cisco Validated Design guide (CVD) 2.5 for BYOD was covered highlighting different BYOD use cases, including TrustSec, converged access and the integration with Mobile Device Managers (MDM) to receive device posture information. Read More »

Tags: , , , , , , , , ,

A Financial Service Organization Speaks Out on Secure Access

October 14, 2013 at 9:41 am PST

Are your finances secure with your financial institution? Vystar Credit Union in Florida, USA speaks out on one of their recent efforts to ensure highly secure access at their institution. With the pressures of compliance and the need to protect their institution’s network and assets, Vystar deploys ISE and AnyConnect with great success. Most recently coming from Gartner IT conference in FLA I had a chance to speak with other organizations that expressed secure access concerns. Read More »

Tags: , , , , , ,