Infosecurity 2008 - Seamless security for roaming workers

Work for many of today's employees is no longer restricted to the traditional 'nine-to-five' work day or the office environment. In our age of high-speed internet communications, more and more people can travel routinely for work or telecommute from home, and for many there is no clear definition of when the working day begins or ends, writes Eldar Tuvey, CEO of ScanSafe.

Work for many of today's employees is no longer restricted to the traditional 'nine-to-five' work day or the office environment. In our age of high-speed internet communications, more and more people can travel routinely for work or telecommute from home, and for many there is no clear definition of when the working day begins or ends, writes Eldar Tuvey, CEO of ScanSafe.

IDC estimates that there will be one billion mobile workers by 2011 - with serious implications for security managers but clear opportunities for the channel.

The biggest risk comes from users who surf the web unprotected while 'on the road' and return to the office with infected laptops that can potentially vandalise the corporate network. Roaming workers are more likely to violate corporate Internet usage policies (IUP) - treating their laptop as a personal device outside work hours.

In a recent survey among customer base, 65 per cent reported instances of roaming workers tampering with or disabling security features on their laptop when working remotely. Forty per cent said they had been hit by a security threat as a result.

One prevailing misconception about roaming security is that the corporate VPN will protect roaming users. Unfortunately, VPNs are not the cure-all that many security professionals assume they are. One obvious shortcoming of VPNs is that they only work when they are turned on!

Traditionally, roaming worker security has been addressed from the client-side (desktop anti-virus solutions) or server-side (URL filtering software and/or appliances deployed in the DMZ).

Desktop anti-virus only protects against known malware for which a signature exists. Anti-virus solutions do not filter content and cannot enforce an IUP. Client-based anti-virus software requires constant updating and is a drain on PC performance, often frustrating users so much they disable it.

Appliance-based solutions only offer URL filtering and do not protect against malware. These solutions typically crawl the web to build databases of known "bad" URLs to identify unwanted web traffic rather than actually scanning each web page in real-time to identify malware. They often miss many new exploits, leaving users unprotected.

To truly protect roaming users, a solution should provide an elastic security perimeter that moves with the employee without introducing latency, increased bandwidth costs or requiring constant updating. Software-as-a-Service (SaaS) solutions are ideal because all the heavy lifting is done 'in the cloud'.

SaaS solutions seamlessly extend corporate security policy to hotels, airports, homes or anywhere else employees use their laptops. Scanning of Web content is done in real-time and there's nothing to deploy. SaaS solutions merely require traffic be redirected to take advantage of the service provider's global network. This eliminates the need for IT staff to manage and update a premise or client-based solution.

The world is getting smaller, demanding that people work anytime, anywhere - and security services today need to keep up.

>> Computer Weekly Infosecurity 2008 show guide and preview




This was last published in April 2008

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close