Cisco Blogs

Cisco Blog > Mobility

Honesty is the Best BYOD Policy

Does BYOD really mean that my device will become the company’s device? Do I control my private data or does my employer? How can I make sure I maintain a work-life balance when my personal device is also my work device? Will my company support any device I choose?

Some of these questions might seem familiar as more business employees consider adding their own device to their company’s network. These questions also represent an important part of a comprehensive mobile strategy: User buy-in.

Brett Belding BYOD - without headerRecently, I read an interesting CIO article by Adam Bender that highlighted the importance of getting employees on board when implementing a BYOD policy. The article discusses that according to Frost & Sullivan analyst, Audrey William, many employees are worried that they won’t be able to control data on their device once they begin using it for work. In addition, William states that employees are also concerned about the lines blurring between work and play when both personas are merged onto one single device.

Although the concept of BYOD is not new, these concerns have important consequences in our networked world. So, what’s the answer?

An honest, safe, and secure MDM solution and effective policy communication. Read More »

Tags: , , , , , , , , , , , , , ,

Security Is Pervasive in the Cisco Blog Community

As we pass the halfway point of National Cyber Security Awareness Month (NCSAM), I wanted to call attention to some of our colleagues over on the Cisco Government Blog. Patrick Finn and Peter Romness have been busy this month espousing the need for security and we thought it would be beneficial to expose our readers to their thoughts on security that have been published on the Cisco Government Blog space. Read More »

Tags: , , ,

Defensive Security: The 95/5 Approach

Many organizations make the error of thinking that basic defensive software is sufficient to protect critical data and infrastructure. When in reality, in order for government and enterprise organizations to keep their data protected from increasingly advanced cyber threats, comprehensive defensive security approaches are critical. And even with advanced, comprehensive solutions, there are still risks.

No organization is ever going to be able to protect 100 percent of its assets 100 percent of the time, which is why I work on the 95/5 principle. No matter how many security solutions are deployed, if attackers are determined enough, they will find a hole. Humans make mistakes and without fail, attackers will take advantage of them.

With comprehensive security approaches, we can regularly block at least 95 percent of threats—but there is always going to be a margin of error—the other 5 percent. A proactive, continuous approach can help ensure the vast majority of offensive moves are rejected.

Read More »

Tags: , , ,

DNS Knows. So Why Not Ask?

DNS is like the town gossip of the network infrastructure. Computers and apps ask DNS questions and you can ask DNS who has been asking to resolve malware domains. When internal trusted systems are using DNS to resolve the names of known malware sites, this can be an Indicator of Compromise and a warning to clean the potentially infected systems and block traffic to the domain.

Blacklisting the known malware domains using local RPZs, firewalls, Cisco IronPort Web Security Appliance (WSA), or Cloud Web Security (CWS) is a great way to add an extra level of security in organizations. But what if you are just getting started in the process of cleaning systems and just need some situational awareness? Or, how can you manually check to see if these devices are working as expected? How can you determine independently of security devices, and at any point in time, that client systems are not reaching out to malicious domains? You can use dig but this post focuses on a Python example. Let’s first take a look at some DNS mechanics.

Read More »

Tags: , , , ,

Check Ins – Why location needs to be part of Authentication and Identity

Dude, where’s my IP?

I love to check in on social networks like Foursquare and Google+. Most of the time, there’s no point to it, but it’s fun to see what friends and colleagues are up to or discover new local haunts. Despite the fun and games, location is much more important to the network than it appears. My physical location may have little or everything to do with my network location and there’s no reason for them to match exactly, but there are significant reasons to be more accurate.

You Are Here

Read More »

Tags: , , , , ,