Backup Collaboration Mobile Security Storage Strategy Virtualisation

Securing the Mobility Age through the Cloud

Article Type: Opinion          Published: 01-2014         Views: 2229   



Employee mobility will be the rule rather than the exception in the cloud-connected enterprise, bringing with it a whole new raft of security concerns, argues Michael Sutton, VP of security research at Zscaler.

Laptop, Smartphone and tablet have overtaken desktop usage, and enterprises are mobilising everything from ERP to Office 365 and customer support. The use of mobile devices has resulted in users doing their routine business activities on the go.

This growing mobility trend meets the BYOD [Bring Your Own Device] movement and is putting enterprise networks at risk. BYOD means that mobile devices often circumvent corporate networks and their security umbrellas. When a mobile device connects to a public or 4G network, IT administrators lose visibility and control, because appliances cannot see the traffic outside the corporate realm any more. Traditional security solutions, such as in-line URL filtering, are being rendered ineffective in the mobility age.

Anti-virus (AV) software, another standard end user security solution in the enterprise, has also been rendered ineffective by mobile. Resources are finite on mobile devices and battery life is limited, so continually running background apps is less than desirable and the sandboxed nature of the file system prevents AV from scanning all local data. Moreover, on iOS, AV isn't an option at all, as this operating system doesn't permit apps to run in the background. As such, a staple of security in the PC world is dead when it comes to adapting it into the mobile world.

As enterprises move corporate data to the cloud and employees connect through mobile devices, a new security paradigm is necessary. Security appliances and host-based solutions simply cannot meet the needs of the rapidly changing, global and mobile enterprise. The solution to securely scale an increasingly distributed business does not lie in the purchase of more hardware and software. IT departments must shift from a mentality of 'block vs. allow' to 'manage and monitor'.

A new approach takes security away from static appliances that do not cover mobile users and increasingly create choke points for Internet traffic. A worldwide network that surrounds the Internet, bi-directionally inspecting all end user traffic, regardless of location or device, provides an answer. Considering the distributed nature of global organisations with their mobile workforce and the ubiquitous cloud services, organisations need to embrace a distributed network and security architecture that meets its users' requirements in the cloud.

Such a cloud-based security model is the way forward. It is not reliant on where users are or what devices they are using to access the web or cloud applications. The cloud offers a flexible way to lessen the risk of employee-owned devices bypassing conventional filtering layers. A cloud security model acts like a check post between the user and the Internet, and all Internet-bound traffic goes through it, hence enabling businesses to embrace mobility and cloud, while enforcing security policies that follow the user

Like this article? Click here to get the Newsletter and Magazine Free!

Email The Editor!         OR         Forward ArticleGo Top

PREVIOUS ARTICLE