Work for many of today's employees is no longer
restricted to the traditional 'nine-to-five' work day or the office
environment. In our age of high-speed internet communications, more
and more people can travel routinely for work or telecommute from
home, and for many there is no clear definition of when the working
day begins or ends, writes Eldar Tuvey, CEO ofScanSafe
.
IDC estimates that there will
be one billion mobile workers by 2011 - with serious implications
for security managers but clear opportunities for the channel.
The biggest risk comes from
users who surf the web unprotected while 'on the road' and
return to the office with infected laptops that can potentially
vandalise the corporate network. Roaming workers are more likely to
violate corporate Internet usage policies (IUP) - treating their
laptop as a personal device outside work hours.
In a recent survey among customer base, 65 per cent reported
instances of roaming workers tampering with or disabling security
features on their laptop when working remotely. Forty per cent said
they had been hit by a security threat as a result.
One prevailing misconception about roaming security is that the
corporate
VPN
will protect roaming users. Unfortunately, VPNs are not the
cure-all that many security professionals assume they are. One
obvious shortcoming of VPNs is that they only work when they are
turned on!
Traditionally, roaming worker security has been addressed from
the client-side (desktop anti-virus solutions) or server-side (URL
filtering software and/or appliances deployed in the
DMZ).
Desktop anti-virus only protects against known malware for which
a signature exists. Anti-virus solutions do not filter content and
cannot enforce an IUP. Client-based anti-virus software requires
constant updating and is a drain on PC performance, often
frustrating users so much they disable it.
Appliance-based solutions only offer URL filtering and do not
protect against malware. These solutions typically crawl the web to
build databases of known "bad" URLs to identify unwanted web
traffic rather than actually scanning each web page in real-time to
identify malware. They often miss many new exploits, leaving users
unprotected.
To truly protect roaming users, a solution should provide an
elastic security perimeter that moves with the employee without
introducing latency, increased bandwidth costs or requiring
constant updating.
Software-as-a-Service
(SaaS) solutions are ideal because all the heavy lifting is
done 'in the cloud'.
SaaS solutions seamlessly extend corporate security policy to
hotels, airports, homes or anywhere else employees use their
laptops. Scanning of Web content is done in real-time and there's
nothing to deploy. SaaS solutions merely require traffic be
redirected to take advantage of the service provider's global
network. This eliminates the need for IT staff to manage and update
a premise or client-based solution.
The world is getting smaller, demanding that people work
anytime, anywhere - and security services today need to keep
up.
>>
Computer Weekly Infosecurity 2008 show guide and
preview