What We’re Reading, Week of 9/26

InformationWeek, 5 Mobile Security Issues to Watch SC Magazine, Sophistication and the downfall of security The Wall Street Journal, What’s a Company’s Biggest Security Risk? You. eSecurity Planet, IPv6 Will Cause Some Security...

Why mobile employees shouldn’t pose a security risk

By Bernd Reder All signs point towards mobility. This is true for all tech scenarios—personal and business. According to an IDC study, 119.7 million U.S. employees will be classified as mobile workers in 2013. This is 75.5 percent of the U.S. workforce, far more than in any other country of the world. The benefits of mobile computing are clear: Employees are more flexible because they can work on the road or at home, with the same efficiency as the company office. Waiting times (for example, at the airport) can be used productively. The company’s agility increases because the employees can be contacted more easily, and decisions can be made faster. Employees are more content because they have flexibility. Higher Risks In many cases companies pay dearly for these benefits by accepting higher risks. IT security company MessageLabs conducted a study that showed that employees who work from their offices and from home or the road trigger five times as many security alerts as their office-bound colleagues. One of the reasons is that they access the company network via hotspots at airports or in coffee shops. Additionally, mobile employees access more websites that do not relate to their jobs when working at home or on the road. They access, for example, online shopping sites or auction houses. Doing so, they increase their chances of landing on contaminated sites. It is clear that such behavior poses security risks. According to a Ponemon Institute report, the financial damage resulting from loss or theft of company data is at $214 per data set. Each U.S. company has to pay, on average, $ 7.2...

The VPN paradigm shift toward cloud computing

By Hery Zo Rakotondramanana From its conception, a VPN was meant to secure a connection that has to transit through a public network, making the IT managers’ challenge simply to find the best encryption method for tunneling data through the VPN. They had to choose the protocols, as well as the device (or software) that they should put at each endpoint of the VPN tunnel. And all of this was typically dealt with in-house, giving IT managers control over both endpoints of the VPN tunnel. But with the advent of cloud computing, things dramatically changed. Part of the IT infrastructure has moved to the cloud, introducing a third-party into the equation. As a result, IT managers are “losing control” over some parts of their infrastructure and are now having to deal with a third-party to setup a secure connection to access their IT resources in the cloud. So what exactly are your options in this new world where VPNs and the cloud collide? Let’s dig a bit deeper and find out. Extend in-house network infrastructure to the cloud. Cloud services in this category include, Amazon EC2, GoGrid, IBM Smartcloud, VMWare/Terremark vCloudExpress. At this stage, depending on the cloud provider, proprietary API are used for connecting to these cloud applications. As they become more popular, such cloud services are expected to provide more open and secured API connection. On top of this, Amazon, for example, has a VPN solution called Amazon VPC for accessing your cloud resources. Amazon VPC accepts third-party VPN implementations to access their cloud, provided that they implement IPsec Build a virtual network on top of the...

What We're Reading, Week of 9/19

Channel Pro, ‘Bring Your Own’ devices on the rise InfoTECH Spotlight, Frost & Sullivan’s Whitepaper Analyzes Challenges Involved in Enabling Secure Remote Access TechNewsWorld, Wrapping Personal Devices and Critical Data in Stale Policies SC Magazine, DigiNotar Collapse Underscores Impact of a...

What We’re Reading, Week of 9/19

Channel Pro, ‘Bring Your Own’ devices on the rise InfoTECH Spotlight, Frost & Sullivan’s Whitepaper Analyzes Challenges Involved in Enabling Secure Remote Access TechNewsWorld, Wrapping Personal Devices and Critical Data in Stale Policies SC Magazine, DigiNotar Collapse Underscores Impact of a...