Cisco Blogs


Cisco Blog > Security

Minimize Threats from Non-Corporate Mobile Apps

November 14, 2014 at 7:18 am PST

Our customers are continuing to feel the pain of having to increasingly support off-premise mobile devices like smartphones and tablets. The critical need to rapidly onboard these devices to connect to corporate services and applications pretty clearly provides business with a  competitive advantage (Cisco Enterprise Mobility Landscape Wave II Study – April 2014) in improving workforce efficiency.

Consider the sales person who needs to check a customer order from his corporate- sanctioned tablet in the customer’s lobby.  Look at the contractor with their personal smartphone who needs to access project emails from home.

What is the big problem? The rush to provide access to these off-premise devices means we have reduced or even discarded needed security controls when it comes to remote connectivity for mobile devices. Offering access from any device, any location, anytime, opens the door to potential security threats.  The mobile endpoint is a threat vector with 68% of organizations saying their mobile devices were targeted by malware in the last 12 months (Ponemon Research.)

What if I secure these devices using VPN technology in the same way as laptops? While, ”Turning On” VPN on any endpoint means that all traffic and applications (personal and enterprise) are all transmitted over the same VPN channel to access corporate networks.  This co-mingling of corporate and user apps allows the possibility of un-compromised user applications polluting corporate infrastructure and increases the risk of threats to the network.

So now what? I don’t want to enable VPN every single time I try to look up a document or use salesforce.com or access email. That increases the complexity for the user and gives them a reason to either find a way around the process or nullifies the efficiency business want to promote with their mobile workforce.

The answer lies with the introduction of Cisco AnyConnect 4.0 offering  customers the ability to deliver per-application secure access for only approved corporate applications in way that is seamless to the user.  By just clicking on the registered corporate application I want to use, I can automagically create a secure connection for JUST that application each time. This means I don’t mix access to corporate resources between authorized applications and potentially infected user applications. It even reduces bandwidth and IT resource usage since user applications do not get tunneled back to corporate and has to go through user networks (mobile or WiFi).

PerAPP

Enterprises want to empower their mobile users to work from anywhere while IT wants a simple way to control and secure enterprise access consistently across any device whether on or off-premise.   AnyConnect continues to evolve to provide integrated and flexible security and access control for any remote and/or mobile endpoints.

AC

 

 

 

 

To learn more how to better secure your remote endpoints, check out Cisco AnyConnect

Tags: , , , ,

Baking Security Into the Cloud

Enterprises, governments, and organizations of all sizes are moving to the cloud in record numbers. The cloud can offer resiliency, but it also introduces new security challenges. Security needs to be baked in from the beginning, across the board.

Cisco has invested over $1 billion in people, infrastructure, equipment, and services to address the cloud market. Most recently, we launched the Cisco Intercloud, a network of clouds from multiple cloud service providers across the world designed to meet customers’ needs for a globally-distributed cloud platform that enables federated workloads that can be moved from one cloud to another.

Read More »

Tags: ,

Extending control and advanced threat protection for web security

Today the web is a favorite vector for threat actors to launch their attacks. According to the Cisco 2014 Midyear Security Report, More than 90 percent of customer networks observed in the first half of 2014 were identified as having traffic going to websites that host malware. More recently, Talos uncovered a massive malvertising network known as Kyle and Stan. Some 31,151 connections were observed to the network’s 6,491 domains.

In an effort to continue offering the most comprehensive protection to our customers, today we are announcing several important new features and expanded threat protection for the Cisco Web Security Appliance (WSA).

Read More »

Tags: , , , , , , , , ,

Microsoft Update Tuesday November 2014: Fixes for 3 0-day Vulnerabilities

This month Microsoft is releasing 14 security bulletins. Originally they had planned to release 16, but due to issues that emerged in late testing, two bulletins that were announced in the Advance Security Notification, MS14-068 and MS14-075, have been postponed. Of the 14 bulletins, four are considered critical, eight are important, while two are moderate. They cover a total of 33 CVEs.

Read More »

Tags: , , , , ,

New White Paper from Enterprise Strategy Group on the Evolution of and Need for Secure Network Access

Mention Network Access Control (NAC) to some security or network operations engineers, and they just might grimace.  Why?  Most people still associate NAC with a set of technologies that were complicated to deploy and implement effectively.

Today, however, those nightmare assumptions are far removed from the reality.  In this newly released white paper, Jon Oltsik, Senior Principal Analyst for the Enterprise Strategy Group, discusses how NAC is transforming into something more—a technology he calls Endpoint Visibility, Access, and Security or EVAS. Mr. Oltsik discusses how the NAC market has changed to reduce complexity in both deployment and usage. Through this advancement, this evolved technology has become an increasingly more critical component in securing enterprise networks.  In addition, Mr. Oltsik discusses how Cisco and the Cisco Identity Services Engine (ISE) are in the best position to meet IT security challenges in terms of what EVAS should be and how it helps.

Download the white paper on Cisco.com:
http://www.cisco.com/c/dam/en/us/products/collateral/security/cisco-evas-white-paper.pdf

Tags: , , , ,