Seamless security for roaming workers

Work for many of today's employees is no longer the traditional nine-to-five day or the office environment...

Work for many of today's employees is no longer the traditional nine-to-five day or the office environment, writes Eldar Tuvey, CEO of ScanSafe.

In an age of high-speed internet communications, more and more people can travel routinely for work or telecommute from home.

For many, it's hard to tell when the work day begins and ends, especially when travelling for business. Who hasn't entered that grey area of working on the road, after hours, and checking the personal e-mail account or latest news headlines on their corporate-issued laptop?

IDC estimates that there will be a billion mobile workers by 2011. That presents serious implications for security managers.

The biggest risk comes from users who surf the web unprotected while on the road and return to the office with infected laptops that can vandalise the corporate network. Roaming workers are more likely to violate corporate internet usage policies, treating their laptop as a personal device outside work hours.

In a recent survey among our customer base, 65% reported instances of roaming workers tampering with or disabling security features on their laptop when working remotely. And 40% said they had been hit by a security threat as a result.

One misconception is that the corporate virtual private network (VPN) will protect roaming users. Unfortunately, VPNs are not the cure-all that many security professionals assume. One obvious VPN shortcoming is that it only works when it is turned on!  

Traditionally, mobile security has been addressed from the client side (desktop anti-virus solutions) or the server side ( URL filtering software and/or appliances deployed in the DMZ).  

Desktop anti-virus only protects against known malware for which a signature exists.  Anti-virus solutions do not filter content and cannot enforce an internet usage policy.  Client-based anti-virus software requires constant updating and is a drain on PC performance, often frustrating users so much they disable it. 

Appliance-based solutions only offer URL filtering and do not protect against malware. These solutions typically crawl the web to build databases of known "bad" URLs to identify unwanted web traffic rather than actually scanning each web page in real-time to identify malware. They often miss many new exploits, leaving users unprotected.

To protect roaming users properly, a solution should provide an elastic security perimeter that moves with the employee without introducing latency, increased bandwidth costs or requiring constant updating.

Software as a service (SaaS) solutions are ideal because all the heavy lifting is done "in the cloud".

SaaS solutions seamlessly extend corporate security policy to hotels, airports, homes or anywhere else employees use their laptops. The scanning of web content is done in real-time and there's nothing to deploy. SaaS solutions merely require traffic be redirected to take advantage of the service provider's global network. This eliminates the need for IT staff to manage and update a premise- or client-based solution.

The world is getting smaller, demanding that people work any time, anywhere. Security services need to keep up. 

Eldar Tuvey is CEO of security-as-a-service company ScanSafe

Infosecurity conference >>

Ubiquitous enterprise mobility arrives >>

Mobile security balancing act >>

Read more on IT risk management