Five BYOD Pitfalls and How to Avoid Them

Staying abreast of mobile trends and developments is one of the most important parts of being a remote access VPN solution provider. As our devoted followers know, we’ve regularly followed and offered commentary on the most talked about trends in the security world, especially BYOD. In a recent CIO article, Tom Kaneshige highlights five major BYOD pitfalls and describes how to avoid them. While we were mostly in agreement, we did have some additional thoughts of our own. 1.   An ‘Open Door’ Attitude Towards Apps Being too lenient with the types of apps CIOs allow employees to have (and even expense!) on their devices is a recipe for disaster. While the article highlights recreational apps, such as Angry Birds, it’s important to remember that Web browsers are applications, too. The Web is one of the most susceptible entry points for malware, and if enterprise security is not up-to-speed, sensitive corporate information is almost immediately at risk of being accessed and/or damaged. There are a couple of different ways to tackle this problem. The first method is to only allow employees to access the corporate network via an IPsec VPN. This will ensure that the network is protected even if the browser is compromised. SSL VPNs are the second option; they can be configured on an app-specific basis by administrators, and access can be revoked immediately. 2.   Playing the Role of Big Brother Another way that CIOs try to tackle the aforementioned application problem is through a technique called Geofencing. Essentially, a virtual perimeter is created that allows employees to have certain applications on their phone, but prohibits their use...

IPv6: Looking Back on Year One

It was only one year ago that the world welcomed the launch of IPv6, the long-anticipated solution to the problem of the world running out of IP addresses. In its first year, IPv6 has started to take root. Take a look at Google’s IPv6 adoption chart, for example, and you will notice that the growth has been exponential over the past year. However, the communications protocol still has a long way to go before becoming widespread. Over the next several years, the need for IPv6 will become more evident though. North America will run out of IPv4 addresses this month, according to the Internet Society’s infographic we previously referenced; meanwhile, Europe and Asia have run out already. On top of this, the increasing number of web-enabled smart devices, including smartphones, tablets, household appliances and vehicles, will put a further strain on IPv4’s networks. Despite the glaring need for IPv6, IT infrastructure is still a limiting factor in its adoption. Rainer Enders had this to say in an IT Business Edge article: “The truth is, the transition to IPv6 will be a slow rollout that will happen over the next 10 years. There’s still too much work that needs to be done from providers in terms of upgrading their wiring, pipes and firmware.” Sadly, this is still the case, as many organizations have used workarounds like Network Address Translation (NAT) as band-aids rather than confronting the inevitable transition to a long-term solution. Luckily, organizations are slowly starting to embrace the new era of the Internet. Operators such as AT&T, Verizon and Deutsche Telekom have championed the new protocol, with each...

NCP engineering Examines VPNs and Network Security with TMCnet

When it comes to network security, IT administrators often miss the forest for the trees. Far too often, they focus on specific silos rather than how each component connects holistically, as Rainer Enders, NCP’s CTO, Americas, mentioned to TMCnet at this year’s Interop Las Vegas. For example, a VPN will keep your network safe from hackers snooping on communication between remote access points and corporate networks. However, what if the network itself was compromised before installing a VPN? Imagine if all of the various components could come together to stop that problem by easily communicating with each other to monitor the status of the whole network. NCP has been working with the Trusted Computing Group (TCG), an organization dedicated to improving network security, to solve that problem over the last several years. IF-MAP is an open standard client/server protocol that is the result of our work in the TCG. Short for InterFace for Metadata Access Points, it provides a central database where IT systems can store and retrieve information to get a real-time representation of security across an entire network. When all of the security components communicate, overall network security is greatly improved versus a more siloed approach. NCP is constantly working to make our VPN more interoperable, to provide a stronger security platform for customers with features such as IF-MAP compatibility and with additional ones like central management and Two-Factor Authentication. To hear more of Rainer’s thoughts from Interop Las Vegas, please watch the video:...

June Feature of the Month: Parameter Locks

Let’s face it – the vast majority of employees utilizing a remote access solution do not have a comprehensive understanding of how exactly it works. From end users’ perspectives, when the product is operating efficiently, that’s all that really matters, and usually, no questions are asked. However, when security issues around connectivity arise, employees generally have two options: try to resolve the problem on their own or call their company’s help desk. More often than not, these issues can be traced back to configuration settings that have been improperly set up. Unless employees have a solid IT background, it’s rather unlikely that they will be able to fix these settings on their own. What’s more, a failed attempt to properly configure a VPN, firewall or Internet connection can be expensive for the employee and organization alike. Yes, the company help desk is one option, but wouldn’t it be great if there was a way to avoid this cumbersome and costly process altogether? Fortunately, NCP engineering’s Parameter Locks can help accomplish this. Creating and testing the corporate VPN, firewall and Internet connection configurations centrally allows IT administrators to lock in the correct configurations and distribute them to employees. The Parameter locks hinder subsequent manipulation, whether intentionally or through an accidental operation.This managed approach eliminates faulty configurations by non-technically inclined employees, increasing network security and avoiding costly configuration diagnoses and repairs. To learn more about NCP engineering’s June Product of the Month, Parameter Locks, click...

NCP engineering Explores Trends in IPsec and SSL VPNs on insideHPC Slidecast

Initially created as a response to the difficulty of implementing earlier versions of IPsec VPNs, SSL VPNs have become increasingly common over the past few years. Because they were built to be easier to implement, they were thought of as easier to manage than IPsec, which led to their growing popularity. However, IPsec offers many features that SSL doesn’t have, as detailed in the presentation given by Rainer Enders, NCP’s CTO of Americas, in a slidecast for insideHPC. Rainer explored recent trends in remote access technologies and delved into the progression of IPsec and SSL VPNs. In many ways, SSL has been evolving to become more like IPsec because businesses have demanded many of the features that are traditionally in IPsec VPNs, such as access to the entire corporate network rather than just applications. As a result, the formerly “client-less” option has required a bigger footprint to add those features. At the same time, IPsec has become much easier to use. NCP’s IPsec VPN client suite features a firewall and Internet connection that are integrated into a single interface. Users only need to click on a button once to securely connect or disconnect. Everything else is automated, and users never need to worry. So, it’s no longer true that IPsec is more difficult to connect to than SSL. Although SSL and IPsec are becoming more alike in many ways, each has unique features that are useful for different business needs. NCP develops VPN functionality based on both protocols, and we are constantly working to make them easier for IT administrators to manage and for users to enjoy mobility’s benefits....