Cisco Blogs

Minimize Threats from Non-Corporate Mobile Apps

- November 14, 2014 - 0 Comments

Our customers are continuing to feel the pain of having to increasingly support off-premise mobile devices like smartphones and tablets. The critical need to rapidly onboard these devices to connect to corporate services and applications pretty clearly provides business with a  competitive advantage (Cisco Enterprise Mobility Landscape Wave II Study – April 2014) in improving workforce efficiency.

Consider the sales person who needs to check a customer order from his corporate- sanctioned tablet in the customer’s lobby.  Look at the contractor with their personal smartphone who needs to access project emails from home.

What is the big problem? The rush to provide access to these off-premise devices means we have reduced or even discarded needed security controls when it comes to remote connectivity for mobile devices. Offering access from any device, any location, anytime, opens the door to potential security threats.  The mobile endpoint is a threat vector with 68% of organizations saying their mobile devices were targeted by malware in the last 12 months (Ponemon Research.)

What if I secure these devices using VPN technology in the same way as laptops? While, ”Turning On” VPN on any endpoint means that all traffic and applications (personal and enterprise) are all transmitted over the same VPN channel to access corporate networks.  This co-mingling of corporate and user apps allows the possibility of un-compromised user applications polluting corporate infrastructure and increases the risk of threats to the network.

So now what? I don’t want to enable VPN every single time I try to look up a document or use or access email. That increases the complexity for the user and gives them a reason to either find a way around the process or nullifies the efficiency business want to promote with their mobile workforce.

The answer lies with the introduction of Cisco AnyConnect 4.0 offering  customers the ability to deliver per-application secure access for only approved corporate applications in way that is seamless to the user.  By just clicking on the registered corporate application I want to use, I can automagically create a secure connection for JUST that application each time. This means I don’t mix access to corporate resources between authorized applications and potentially infected user applications. It even reduces bandwidth and IT resource usage since user applications do not get tunneled back to corporate and has to go through user networks (mobile or WiFi).


Enterprises want to empower their mobile users to work from anywhere while IT wants a simple way to control and secure enterprise access consistently across any device whether on or off-premise.   AnyConnect continues to evolve to provide integrated and flexible security and access control for any remote and/or mobile endpoints.






To learn more how to better secure your remote endpoints, check out Cisco AnyConnect


In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.