Following up on my last note about BYOD at Cisco, I wanted to update you on the latest numbers here at Cisco. As Sheila Jordan had pointed out here, we have surpassed the 20% tablet penetration among our workforce and mobile devices continue to grow at a rate of 1,000 each month. I highly recommend you doing a quick read on her six steps of approaching device deluge. Meanwhile, the latest IDC report (Aug 8, 2012) reaffirms the 2-horse race in the smartphone world. Android and iOS powered 85% of all smartphones shipped in the second quarter of 2012 (2Q2012).

Maintaining our market leadership in supporting the broadest set of Operating Systems (desktop and mobile) and Web Browsers, Cisco Security is excited to announce the availability of AnyConnect 3.0 for Android (Download here). As in the past, we have worked with the market leading Android device makers along with supporting the Android VPN Framework (AVF) to ensure the latest AnyConnect functionality. These new features are now available on any Android device running on version 4.0 (Ice Cream Sandwich) or higher (including Jelly Bean).

SOME KEY FEATURES OF ANYCONNECT 3.0 FOR ANDROID:

• Intel Android (IA): The Android VPN Framework (AVF) image is now compatible with x86 Intel Android devices.
• IPsec IKEv2: AnyConnect users can connect via IPsec IKEv2 connections to their corporate Cisco ASA in addition to SSL (TLS or DTLS). (Requires ASA 9.0+)
• Suite B Cryptography: AnyConnect users who need NSA’s recommended Suite B Cryptography will be now able to do so from their mobile devices. (Requires ASA 9.0 and AnyConnect Premium Licenses.)
• Untrusted Certificate Warnings: Reduces Man-in-the-Middle attack risk by rejecting untrusted certificates by default and requiring end-users to acknowledge risks before connecting to a gateway with an untrusted certificate.
• SCEP Proxy: AnyConnect users can enroll their mobile device with an internal Certificate Authority (CA) Server, using SCEP without opening up the CA Server directly to external threats. (To embed the identity of the mobile endpoint in the certificate request, Mobile Host Scan must be utilized, which is an AnyConnect Premium License feature).
• FIPS 140-2 Compliant: AnyConnect users now have access to the latest FIPS 140-2 cryptographic compliant module to meet industry compliance/mandates.

Read More »

Tags: Android, anyconnect, bring your own device, byod, Cisco AnyConnect, secure mobility

I attended MobileCon 2012, the newly branded CTIA enterprise and application event, earlier this month. I noticed the common theme this year was MDM-BYOD-Cybersecurity. Given the recent McKinsey report that indicated 77 percent of CIOs today state that they will allow some form of consumerization in the coming few years, IT professionals are challenged to increase flexibility without compromising security

Throughout the event, I heard many BYOD case studies with a huge interest/following in data and metrics. On this theme, I thought our own Cisco BYOD case study that we have been sharing with our customers would be of interest to this community.

Note, I will provide updated numbers soon as my peers continue to seek out the latest and greatest mobile devices here in the center of Silicon Valley.

For Cybersecurity, I’d like to follow up on John Stewart’s thoughts from yesterday. October is National Cybersecurity Awareness Month, and the joint-task theme between public and private industries resonated across the show. On this note, Cisco is one of the contributors in CTIA’s recently released Cybersecurity Whitepaper.

In my next few blogs, I want to share interesting facts I’m calling, “Did U Know Data for Mobile Security.” The first fact comes from Osterman Research, Inc. for Azaleos.

“The leading factor (34%) cited for deploying an MDM solution was the potential for loss of intellectual property.”

Tags: bring your own device, byod, cyber, cybersecurity, MDM, Mobile Device Management, mobile devices, mobilecon, STIA

The verdict is in — and it is all about security. Recent research from The Economist notes that security is the top concern for mobility and BYOD. Organizations want to embrace BYOD but want control to ensure secure access to the network. Chuck Robbins, Cisco Senior Vice President, wrote a blog entry that underscores what we hear almost daily in conversations with our customers and partners. The organizations we speak to have mobility policies that range from no personal devices allowed at all (which is really not BYOD), to policies that permit all personal devices with restricted access, and still others that allow all devices with differentiated access based on the device type, user, and posture.

Some common differentiation access use cases may include:

• Allow my sales force to access the proposal portal remotely from their iPads but do not allow them access to the finance database.
• Do not allow any jail broken device, whether personal or corporate-owned, because there is a high probability it has been infected with malware. A device is considered jail broken when the user gains root access to the operating system, allowing applications or extensions to be downloaded that are not available in the Apple Application store, which increases the risk of malware infection.
• Automatically check to see if the device has pin-lock and disk encryption (basic device security), grant the device the appropriate access. If not, it will be diverted with the non-compliance explanation.

Another interesting observation is many of our higher education customers are starting to see eight devices per user versus the three devices noted. Watch out! The next workforce has some real potential to influence the new workplace.

To help organizations get ready for securing BYOD, we have a paper on Readiness Assessments: Vital to Secure Mobility; check it out.

Stay tuned -- later this year we look forward to sharing with you some further insight on mobile workers and their perceptions and behaviors regarding security. For example, how many folks download sensitive data on their personal smartphone? Or when an alert or pop-up warning occurs on their personal device what do they do? How many engage in risky behavior? Who is security aware? If you are a mobile device worker it would be great to hear your understanding of the security of your personal device in the new workplace.

Tags: bring your own device, byod, iPad, malware, mobile device

Following up on our Data Center launch on Sept. 12, there have been significant enhancements to Cisco AnyConnect Secure Mobility Solution, the industry recognized SSL/VPN solution. With a track record of leading the traditional VPN market, Cisco hit market milestones in the past with built-in features to the AnyConnect Secure Mobility Client, such as network access manager that offers administrators the ability to control which network end points are able to connect to and other built-in modules that enable web security either through the on-premises Cisco Web Security Appliance (WSA) or the cloud-based Cisco Cloud Web Security offering.

Now, with AnyConnect Secure Mobility Client 3.1, Cisco continues to help enterprise customers with their business transformation needs (ie-BYOD) securely.  As long as ‘consumerization of IT’ continues to gain inroads into the corporate network, IT professionals will seek investments in tools that will help support their attitude change from mandate to choice.  Having a mobile DNA has been a significant attribute for Cisco as AnyConnect continues to support one of the broadest OS (desktop and mobile) and browser portfolios in the market today.

Read More »

Tags: anyconnect, bring your own device, byod, secure mobility, SSL VPN, vpn

Today I am fortunate to attend 12th semi-annual Telework Exchange Town Hall conference in Washington D.C.

This year’s theme Mobility in the Fast Lane integrates two parallel tracks: Mobile IT and Mobile Workforce with best practice sharing around the rapid rate of adoption of technologies for telework, mobility, cloud, bring your own device (BYOD), collaboration, video and secure remote access to provide capabilities to address mandates including the President’s memorandum for 21st century digital government and the mobility strategy from the Federal CIO and CTO.

John D. Porcari, Deputy Secretary, U.S. Department of Transportation kicked off the conference keynote.  He is responsible for day-to-day operations of the 10 modal administrations and the work of more than 55,000 DOT employees nationwide and oversees.

Read More »

Tags: bring your own device, Mobile Government, telework, video