Mobile Endpoint Security Limitations a Hot Topic at Interop Las Vegas 2013

Posted: 30th April 2013 by VPN Haus in Industry Commentary, IT policy, Rethink Remote Access, Shows, VPN
Tags: , , , , ,
0

*Editor’s note: This blog originally appeared as a guest post on the Interop Blog

By: Rainer Enders, CTO, Americas at NCP engineering.

The Android mobile platform and its oft-publicized security limitations, along with those of other mobile operating systems (OSs), are guaranteed to be a hot topic at this year’s Interop event. After all, they have even caught the attention of the American Civil Liberties Union (ACLU), which filed a complaint against the four major cellular carriers in the U.S. for not doing enough to protect the private information of subscribers using the Android OS.

The security concerns associated with Android shouldn’t shock anyone. We’ve known there were problems for a long time now, and other popular platforms like iOS are not immune either. But, thanks to the bring-your-own-device (BYOD) and consumerization of IT trends, the implications of such issues are now much more significant. Enterprise network security architects and managers are limited in their abilities to secure certain remote access connections due to the lack of open APIs for security relevant functions, such as VPN and Device Firewall, in most mobile platforms. This also means that neither carriers nor enterprises can effectively deploy and manage such features built into a mobile OS to meet their specific security needs. So, if they choose to stick with the native security functions, if they exist at all, they are at the mercy of many limitations.

The consumerization of mobile devices has led to another serious side effect: significant relevant security functions, required by major industry verticals and government entities around the world, are missing in action.

It is clear that BYOD is no passing fad, and that companies in every industry must find ways to make it work without compromising their IT infrastructures and the sensitive data contained within them. With each passing day, more and more organizations recognize the need to go beyond the one-size-fits-all approach that comes with most mobile devices and OSs, and instead focus on technologies that combine the security they need with the convenience users demand. Additionally, the mobile device industry must be more concerned and engaged in endpoint protection strategies and technologies if these limitations are to be permanently fixed.

How and when the industry addresses these issues remains to be seen, but it is evident that BYOD and the consumerization of IT will not slow down to let Android, iOS or any other platform catch up. This means that businesses must take a proactive approach to meeting the security needs that the mobile platforms’ built-in features cannot presently live up to.

Keep your ears and eyes open at Interop Las Vegas 2013 – we think this security topic will prove to be among the most popular.

Why Two-Factor Authentication Matters

Posted: 25th April 2013 by VPN Haus in 2 Factor Authentication, Industry Commentary, IPsec
Tags: , ,
0

By Patrick Oliver Graf, General Manager, NCP engineering

At the end of last year, we spent some time discussing a few projected network security trends for 2013. While there was room for debate on some topics, most people agreed that there was a clear need for more secure authentication methods. In hindsight, it appears that the experts were correct, and the traditional combination of username and password is no longer a strong enough security barrier to ward off hackers with increasingly sophisticated tools. But, this doesn’t mean that there is one answer that solves every problem.

Two-factor authentication in particular has received heightened media attention in recent weeks. Many users on Twitter, one of the fastest growing social networking platforms in the world, are clamoring for it in light of recent high-profile hacks. Most notably perhaps, the Associated Press (AP) handle was used to tweet (falsely) that President Obama was injured in a White House explosion. After the ruse was exposed, one glaring question emerged in the minds of security experts: could it have been prevented if Twitter used two-factor authentication?

In reality, two-factor authentication – a security process in which the user provides two means of identification – may not have prevented this attack. The Syrian Electronic Army, which claimed responsibility, reportedly obtained login credentials from a phishing email attack that prompted employees to enter their usernames and passwords. If this is true, Dan Kaplan of SC Magazine correctly points out that the perpetrators could have easily added another field for that second means of identification.

What we should learn from this is that there is no one magic technology that applies to every situation. However, robust security software combined with proper employee education on security best practices can help safeguard companies against most of today’s cyber threats.

The NCP Secure Enterprise Management software, for example, administers a one-time password that users receive via SMS. Each password is created by a random number generator within the NCP Advanced Authentication Connector and is automatically canceled after use. This eliminates the need to use third party solutions and enables two-factor authentication with only a mobile or smartphone. Ultimately, this creates additional security hurdles that hackers must clear in order to obtain access to sensitive company content.

NCP Empowers Enterprise Mobility for Truesense Imaging

Posted: 23rd April 2013 by VPN Haus in Industry Commentary, Mobile, Rethink Remote Access
Tags: , , , ,
0

In a recent blog post, we discussed workforce trends identified by Forrester Research, which center on mobility as a tool being used with increasing frequency to bolster employee productivity. It seems that everywhere we look today, remote workers are becoming more prominent in the workforce, while traditional 9-to-5, face-to-face working environments are becoming few and far between. And considering the substantial research that shows workers can be more productive when working outside the office, more and more enterprise-level businesses will have to take a hard look at technologies that allow off-site workers to securely access company data and IT assets.

One company that has embraced enterprise mobility is Truesense Imaging, a developer, manufacturer and marketer of the world’s highest performance image sensor devices. Today, NCP announced its virtual private network (VPN) technology is enabling Truesense employees to securely connect to the corporate network and work from home or on the road, improving both workforce mobility and productivity.

When Truesense’s increasingly-mobile technical and sales teams demanded secure, remote access to their corporate network in order to work seamlessly while off-site, the company recognized how important this was, not only for productivity, but also workforce morale and future recruiting efforts.  In order to attract top-level talent, organizations need to show that they are willing to invest in technologies that help employees do their jobs to the best of their ability.

For these reasons, Truesense chose NCP’s enterprise IPsec VPN clients and fully automated VPN management system, which provide a secure tunnel from any Internet access point into the corporate network using their company-owned Windows XP, Windows 7 or Mac OS X laptops. Now, with NCP’s robust VPN technology, Truesense is guaranteeing its mobile employees the same access and functionality as colleagues sitting in their offices, without compromising security.

For more information about the Truesense use case, go here.

Additionally, NCP will be discussing this use case next month at Interop Las Vegas and we invite you to stop by our Interop Booth #951 for further details.

 

Expert Q&A: Establishing a Secure Data Center and Cloud with Remote Access

Posted: 18th April 2013 by VPN Haus in Expert Q&A, Highlights, IPsec, IT policy, Rethink Remote Access, SSL, virtualization, VPN
Tags: , , , , , ,
0

*Editor’s Note: This is Part One of an article that originally appeared in The Data Center Journal’s  Industry Perspective Column

By: Rainer Enders, VPN Expert and CTO, Americas, at NCP engineering:

Industry Perspective: What are some of the main security concerns for data center managers today?

Rainer Enders: The evolution of modern data centers, while beneficial for many reasons, is exposing serious security pain points along the way. For one, as data centers grow in size to keep up with enterprise computing needs, it becomes increasingly difficult for IT managers to adequately protect all corporate assets, which include everything from data and documentation to software and supplies. As capacity expands, data center managers are finding it harder to maintain critical IT compliance and security measures, such as managing and de-provisioning privileged user access, and running compliance reports that are growing in both depth and volume. Additionally, with the rising popularity of virtualized and cloud environments, data center managers are tasked with baking security into all compute, network, storage and hypervisor layers. This is a considerably difficult task, in light of the numerous emerging attack vectors that constantly increase in sophistication, such as ever-morphing advanced persistent threats (APTs) that are compromising critical corporate information.

IP: What specific security challenges arise as companies outsource to the cloud and rely on remote services with increasing frequency?

RE: The most critical security challenges that arise in cloud deployments are compromises to remote access connections—in the form of session-hijacking attacks, for example—and compromises of cloud-hosted resources, such as virtual machines, from within the hosted provider network. Insufficient security architectures and controls in operator networks can cause great harm. A major compromise can not only lead to a significant loss of critical data, but it can also infiltrate systems and serve as a platform for attacks against other systems or networks.

IP: What is the role of VPNs in enabling secure communication and service provisioning over the Internet?

RE: A virtual private network (VPN) not only secures all data transfers in an encrypted tunnel, but it also seals the communication as early as Internet dial-up, which is the most frequent vector for cyber-attacks. The optimal VPN solution offers the greatest possible flexibility, including support for IPsec and SSL, as well as seamless roaming capabilities between various communication media, such as LAN and Wi-Fi. It also enables IT administrators to centrally manage all clients, users and other relevant components of the VPN infrastructure. Remote services to critical infrastructure must be properly protected by means of the strongest secure remote-access technology such as IPSec VPN. It is no coincidence that IPSec is an integral component to IPv6, the next emerging Internet Protocol.

IPsec VPN clients, in particular, provide transparent Layer 3 remote access and offer high-level security in the form of strong authentication and authorization. Furthermore, they allow information-security professionals to tie in additional security functions, preventing malicious external attacks. Other potential security functions include hot-spot logon, managed endpoint dynamic firewalls and endpoint-protection policies. Lastly, IT managers should integrate VPNs into existing identity-management platforms and processes, including full automation of user provisioning, delivering high-end security, operational efficiency and cost effectiveness.

 

rainer

Stay tuned for Part Two of this Q&A next week.

Forrester Research: Mobility and Collaborative Technologies Key in 2013

Posted: 16th April 2013 by VPN Haus in Industry Commentary, Mobile, VPN
Tags: , , ,
0

Last week, Forrester Research hosted an event for tech vendors on 2013 IT spending trends in Australia and New Zealand. One of the key takeaways from this event highlights an emerging trend not just in that region, but all over the world. Business decision-makers are taking an increasingly proactive role in IT-related investments in order to bolster the mobility and collaborative capabilities of their workforces.

According to Forrester, the goal is to streamline targeted business processes, improve employee performance and productivity, and enable faster and more fruitful innovation. This not only improves how companies work internally, but also how they deliver products and services to their clients. Furthermore, Forrester said in a recent blog post that the focus must shift from short-term profit realization to building long-term business value.

As the global workforce becomes increasingly mobile, companies are searching for ways to become more flexible and productive without compromising security. Whether embracing bring-your-own-device (BYOD) policies or supplying workers with company-owned laptops, smartphones or tablet computers, remote working capabilities are clearly on the minds of business executives everywhere. No longer is this issue and related decisions solely under the purview of IT departments.

Technologies like comprehensive VPN solutions with robust personal dynamic firewalls and seamless roaming features are highly sought-after by organizations that recognize the value of having security and convenience rolled into one package. BYOD popularity and mobile device use is only going to grow in 2013 and beyond, and businesses that invest in solutions that promote security, collaboration and innovation are likely to stand head-and-shoulders above the competition.

Older Entries
Newer Entries