Cisco Blogs


Cisco Blog > Security

How Secure is Your Mobile Worker?

How well do you know your mobile worker? Understanding the mobile worker’s perceptions and behaviors will offer a better view on the potential security implications your organization must manage. Cisco recently released a new global infographic and white paper, the Cisco Connected World International Mobile Security study. They explore the mobile worker’s view points concerning working remotely, connecting to corporate, and their sense of security. Some of the findings are worth reflecting on to help you set the course for your mobile security efforts.

There is no question that the movement to mobile personal devices in the workforce has been well recognized. A recent response to this trend includes almost half of employers offering to fund workers to buy their own devices. Allowing the “chose your own” device alternative will attract and retain talent and reduce costs (see recent IBSG BYOD research), but what are the security implications?

There are a few striking data points to call out:

  • 63% of users download sensitive data on their devices. The frequency significantly increases in some countries which should alarm people doing business internationally if there are no precautions taken to secure the downloaded data. Imagine your financial data or product road maps being downloaded on an unprotected personal device.
  • Most believe remote access is a privilege. Yet in some countries they believe it’s a right as a worker. This establishes high expectations for IT to support and secure the devices including, but not limited to, extensive help desk calls.
  • Most users are diligent when a pop-up appears and will read through the details and determine what it really means. Yet, many workers from select countries generally tend to be less careful and accept warning pop-ups without reading the details which increases the risk that hidden malware will be downloaded. Hackers depend on this social mining effort.
  • 60% of users admit to engaging in risky behavior on a device (for example, personal or company-owned) while connected to corporate resources. This suggests that more security enforcement technology would benefit the prevention of data breaches and/or loss.

Data_Protection_Chart_1-300x115So, who really owns the mobile security issue? Mobile workers do not take full responsibility for a safe device with 84% believing that their IT will protect them from threats no matter what device is used. Sometimes IT’s perspective on this dependency is expressed with disbelief. An example of this issue was observed at BlackHat from a security professional during a demonstration we presented a couple weeks ago.

During the demonstration, we were showing how a user who inadvertently clicked on a phony URL sent in an email. That click triggered to phone an alert to a hacker that an “innocent” user is accessing the phony Internet site. The user unknowingly offered login credentials to their bank account. The hacker begins to record the users’ keystrokes to use later for malicious purposes. A security professional from BlackHat chimes in during the demonstration with the comment, “Dumb User.” The demonstration later showed how the combined effort of Cisco ISE and SIEM (Lancope) with unique TrustSec enforcement can identify and control the malicious activity with a single policy (for example, by segmenting and restricting users traffic close to the edge—on a network switch). The surprise to the security experts watching the demonstration was the concept that the network switch provided this enforcement.

Bottom Line: Most mobile workers have good intentions but do rely on IT to step in.

It would be great hear from you on your impressions of these recent findings and whether you are a mobile worker or an IT professional.

Please refer to Cisco’s security response for the mobile workforce: Secure Access

Tags: , , , , , , ,

New Bills in U.S. Government Show Commitment to Video

Being effective in your job doesn’t always mean that you need to be there.  In fact, many would argue that their productivity increases drastically when they are given the flexibility to work wherever they want as long as they can stay connected.  If that means staying off of a plane for a business trip, even better because it also saves the company money.

Enter video conferencing, the tool that enables users to be part of the discussion without being there.  But what does “there” really mean in today’s world? With mobile technologies, including video, transforming how and where we work, the concept of “there” is really anywhere you want it to be. “There” can be a traditional office that is now equipped with video technologies that enable collaboration with others across the world without having to travel in order to conduct business. It can also be working remotely and still being part of your business community with mobile video and other applications that allow users to work at home, at a coffee shop or anywhere they like.

The move to stay connected at anytime from anywhere has been engaged by many organizations including the U.S. Federal Government. To help agency’s ensure productivity while cutting travel costs the House of Representatives introduced a bill that would allow absent Congress members to vote via video conferencing. The bill allows members to cast votes remotely over video and be treated as if they were present in person at meetings.

Government members are also extending this sentiment beyond the walls of Congress as Representative Michael Fitzpatrick also introduced a new bill — H.R. 2643, the Stay In Place, Cut the Waste Act of 2013 — to review agencies’ efforts to reduce travel spending and develop a plan to cut travel expenses by 50 percent through the use of video conferencing technologies.

Is it really going to make a difference? Read More »

Tags: , , , , , , , ,

Speaking proposal submissions for OpenStack Summit – Voting is Open!

Cisco celebrated OpenStack’s 3rd birthday recently by releasing the Cisco OpenStack Installer for Grizzly. This blog post has more details.

The OpenStack foundation organizes a four-day OpenStack Summit every six months for contributors, enterprise users, service providers, application developers and ecosystem members. It facilitates the community to gather, discuss and present on several different streams ranging from keynote presentations and general sessions to workshops and developer sessions for planning the next OpenStack release. The next OpenStack Summit will be held in Hong Kong from November 5th to the 8th 2013 at the Asia World-Expo. The number of attendees for the Summit is expected to be around 5000 people.  More information on the Summit and how you can register to attend is available here.

Speaking proposals are submitted by the community from anyone with an idea or topic they would like to present. The proposals are voted on by the community to secure a slot in session track. Submissions for the OpenStack summit general sessions closed on July 31st 2013 and are now available for vote.

As compared to the Portland summit that had 250 proposal submissions [you can view session videos from OpenStack Portland Summit here, the Hong Kong summit has more than 600 submissions. There are a lot of great proposals but only the best and most popular will make it to the Summit. The approved sessions typically get recorded and are available for viewing online as well.

Cisco’s OpenStack team submitted several proposals that highlight our involvement and contributions to OpenStack. The table below lists the proposals along with a link to the abstract and speaker details.

Products & Services
Technical Deep Dive
Apps on OpenStack
Getting Started
Operations
Community Building
Workshops
Related OSS Projects

Community voting is open now and if you are interested in any (or all) of the above proposals, please vote for them here. The voting is open until Sunday, August 25th 2013. Please note that you do need to be an OpenStack Community member in order to vote; If you are not currently a member, you can easily register for membership via the OpenStack website.

Stay tuned for more updates, as we get closer to the OpenStack summit.

Tags: , , , , , , , , , , , ,

Powerful Combination: Employees and Social Media

I keep thinking about the phrase “power to the people” and thinking it’s definitely taken a whole new meaning when it comes to engaging employees in social media. During today’s Let’s Chat! #Ciscosmt Twitter chat with Cisco’s Petra Neiger (@Petra1400) and Salesforce.com’s Jennifer Burnham (@JennyDBurnham), we got a first-hand look at the ways employees can really make a difference for the overall company.

Let's Chat! #Ciscosmt August Twitter Chat: Engaging Employees in Social Media Recap

Let’s Chat! #Ciscosmt August Twitter Chat: Engaging Employees in Social Media Recap

Here are some key takeaways from the chat and below is a compiled transcript. I’m interested to hear your insights. Do you agree with these guests’ point of views? How does your organization engage with its employees? Are there other approaches perhaps not covered in today’s chat? Let’s keep the conversation going by sharing additional perspectives.

Key Takeaways

  • Make sharing content through social media channels as easy as possible for employees.
  • Create guidelines and policies and provide training to employees, creating a comfortable and safe environment to join the social conversation.
  • Define different types of opportunities and content-sharing that suits employees’ communication preferences and style.
  • Leverage executive sponsors to enable employees to participate in the social stream.
  • Design incentives such as gaming badges, recognitions, and other opportunities to motivate employees to participate more in social media.

September Twitter Chat

And mark your calendars for next month’s Let’s Chat! #Ciscosmt Twitter chat, taking place on Thursday, September 26th from 9-10 a.m. PT. Stay tuned for more details by following the Cisco Digital and Social blog and the #Ciscosmt hashtag!

Let’s Chat! #Ciscosmt Series: Engaging Employees in Social Media Twitter Chat Transcript

Cisco Social Media Training Program Opportunity:

If you have any questions or are interested in other types of social media training, check out our complimentary Cisco Social Media Training Program and follow the #ciscosmt hashtag. To request  customized one-on-one team training sessions, email ciscosmtraining@external.cisco.com.

Tags: , , , , , , , , , , , , , , , , , , , ,

Meaningful Employee Recognition Can Help You Retain Valued Employees

CB_Partner-Talent-Banner

This is the final post in the Cisco Partner Talent series, helping partners attract, develop, and retain the right people with the right skills at the right time. This month’s blog post goes into detail about the importance of Rewards and Recognition in our Cisco Fit4Talent Employee Lifecycle. To read all of my blogs, see my Cisco blogs bio.

Good job. Well done. Fantastic. We all recognize the power of positive reinforcement but what about recognition preferences? Studies show that how you recognize an employee for their work is as important as recognizing them at all.

Sounds strange, I know. But let me share some data from Maritz Research, a marketing research firm, to get you thinking about your own recognition program.  Read More »

Tags: , , ,