Cisco Blogs


Cisco Blog > Mobility

Reflections from the Floor at NRF 2013

panoramaAfter a long day of showing the Cisco BYOD Smart Solution and Cisco Connected Mobile Experiences solutions at the 2013 National Retail Federation (NRF) trade show, I am waiting for a colleague to meet me for a well-deserved dinner. I had many, and yes there were MANY, conversations with Retail IT professionals,  and nearly every conversation I had seemed to revolve around the same two problems:

  1. How do I allow employees and / or customers to access the network when I don’t have dedicated local IT support?
  2. How do I give up the control and make sure my security and compliance requirements are met?

We know almost all organizations are struggling with BYOD, but it’s now clear that the lack of local IT support adds a new dimension to the problem. With the increased adoption of mobility, there’s also the added complexity of security and compliance, and with all the connected consumers walking around, it’s becoming a growing concern in the retail space. Retail organizations want to take advantage of the promise that leveraging Wi-Fi access to engage with employees and customers, but fear the management and security of such services.

Fortunately, Cisco is addressing both these issues with its mobility solutions.

Read More »

Tags: , , , , , , , , , , , , ,

To Bring Or Not to Bring?

There’s no question, the employee-led mobility revolution has arrived. Will the Bring-Your-Own-Device (BYOD) policies that must inevitably follow come soon enough?

Everyone is bringing their devices, everywhere they go. People, no matter their occupation, want to check the news, keep in touch, catch up on email, and stay productive or entertained wherever they are. So the real question for government organizations becomes, “how do we address this mobile explosion and the proliferation of employee devices?”

IMG_6600TabletGovt.Many have yet to implement BYOD policies for fear of the security implications and exposing sensitive data. But what is the security risk of doing nothing? In a recent Forrester survey of 498 government employees from around the world, more than half of the respondents (57%) said their organizations provided limited or no support for employee devices and some even said their employers prohibit mobile devices outright. The survey also revealed that 3 out of 10 government workers in these situations find “alternative ways” of using their device for work.

This poses a problem for government agencies: having no policy or prohibiting devices is risky because employees are bringing and using their devices anyway.

Read More »

Tags: , , , , ,

AnyConnect 3.0 for Android Product Announcement

Following up on my last note about BYOD at Cisco, I wanted to update you on the latest numbers here at Cisco. As Sheila Jordan had pointed out here, we have surpassed the 20% tablet penetration among our workforce and mobile devices continue to grow at a rate of 1,000 each month. I highly recommend you doing a quick read on her six steps of approaching device deluge. Meanwhile, the latest IDC report (Aug 8, 2012) reaffirms the 2-horse race in the smartphone world. Android and iOS powered 85% of all smartphones shipped in the second quarter of 2012 (2Q2012).

Maintaining our market leadership in supporting the broadest set of Operating Systems (desktop and mobile) and Web Browsers, Cisco Security is excited to announce the availability of AnyConnect 3.0 for Android (Download here). As in the past, we have worked with the market leading Android device makers along with supporting the Android VPN Framework (AVF) to ensure the latest AnyConnect functionality. These new features are now available on any Android device running on version 4.0 (Ice Cream Sandwich) or higher (including Jelly Bean).

SOME KEY FEATURES OF ANYCONNECT 3.0 FOR ANDROID:

  • Intel Android (IA): The Android VPN Framework (AVF) image is now compatible with x86 Intel Android devices.
  • IPsec IKEv2: AnyConnect users can connect via IPsec IKEv2 connections to their corporate Cisco ASA in addition to SSL (TLS or DTLS). (Requires ASA 9.0+)
  • Suite B Cryptography: AnyConnect users who need NSA’s recommended Suite B Cryptography will be now able to do so from their mobile devices. (Requires ASA 9.0 and AnyConnect Premium Licenses.)
  • Untrusted Certificate Warnings: Reduces Man-in-the-Middle attack risk by rejecting untrusted certificates by default and requiring end-users to acknowledge risks before connecting to a gateway with an untrusted certificate.
  • SCEP Proxy: AnyConnect users can enroll their mobile device with an internal Certificate Authority (CA) Server, using SCEP without opening up the CA Server directly to external threats. (To embed the identity of the mobile endpoint in the certificate request, Mobile Host Scan must be utilized, which is an AnyConnect Premium License feature).
  • FIPS 140-2 Compliant: AnyConnect users now have access to the latest FIPS 140-2 cryptographic compliant module to meet industry compliance/mandates.

Read More »

Tags: , , , , ,

Perspectives on MobileCon 2012

I attended MobileCon 2012, the newly branded CTIA enterprise and application event, earlier this month. I noticed the common theme this year was MDM-BYOD-Cybersecurity. Given the recent McKinsey report that indicated 77 percent of CIOs today state that they will allow some form of consumerization in the coming few years, IT professionals are challenged to increase flexibility without compromising security

Throughout the event, I heard many BYOD case studies with a huge interest/following in data and metrics. On this theme, I thought our own Cisco BYOD case study that we have been sharing with our customers would be of interest to this community.

Note, I will provide updated numbers soon as my peers continue to seek out the latest and greatest mobile devices here in the center of Silicon Valley.

For Cybersecurity, I’d like to follow up on John Stewart’s thoughts from yesterday. October is National Cybersecurity Awareness Month, and the joint-task theme between public and private industries resonated across the show. On this note, Cisco is one of the contributors in CTIA’s recently released Cybersecurity Whitepaper.

In my next few blogs, I want to share interesting facts I’m calling, “Did U Know Data for Mobile Security.” The first fact comes from Osterman Research, Inc. for Azaleos.

“The leading factor (34%) cited for deploying an MDM solution was the potential for loss of intellectual property.”

Tags: , , , , , , , ,

Talk Security When You Talk BYOD

October 24, 2012 at 7:30 am PST

The verdict is in — and it is all about security. Recent research from The Economist notes that security is the top concern for mobility and BYOD. Organizations want to embrace BYOD but want control to ensure secure access to the network. Chuck Robbins, Cisco Senior Vice President, wrote a blog entry that underscores what we hear almost daily in conversations with our customers and partners. The organizations we speak to have mobility policies that range from no personal devices allowed at all (which is really not BYOD), to policies that permit all personal devices with restricted access, and still others that allow all devices with differentiated access based on the device type, user, and posture.

Some common differentiation access use cases may include:

  • Allow my sales force to access the proposal portal remotely from their iPads but do not allow them access to the finance database.
  • Do not allow any jail broken device, whether personal or corporate-owned, because there is a high probability it has been infected with malware. A device is considered jail broken when the user gains root access to the operating system, allowing applications or extensions to be downloaded that are not available in the Apple Application store, which increases the risk of malware infection.
  • Automatically check to see if the device has pin-lock and disk encryption (basic device security), grant the device the appropriate access. If not, it will be diverted with the non-compliance explanation.

Another interesting observation is many of our higher education customers are starting to see eight devices per user versus the three devices noted. Watch out! The next workforce has some real potential to influence the new workplace.

To help organizations get ready for securing BYOD, we have a paper on Readiness Assessments: Vital to Secure Mobility; check it out.

Stay tuned -- later this year we look forward to sharing with you some further insight on mobile workers and their perceptions and behaviors regarding security. For example, how many folks download sensitive data on their personal smartphone? Or when an alert or pop-up warning occurs on their personal device what do they do? How many engage in risky behavior? Who is security aware? If you are a mobile device worker it would be great to hear your understanding of the security of your personal device in the new workplace.

Tags: , , , ,