itb-nz logo
Story image

I know what you did in Koru Club last summer

22 Dec 2014

It’s not enough to secure devices in the mobile world, says Intergen’s Chris Auld. But he says there’s a simple solution to ease many security issues.

Workforce mobility isn’t just about mobile phones and shiny executive jewellery wear. It’s about all devices including laptops and the devices that have been sitting in people’s bags for years.

The ground floor requirement for getting on the enterprise mobility elevator is making sure that you've got secure end points. Your people have got lots of very valuable and very sensitive data floating around. It's not enough to just say you’ve got mobile device management for iPhones because, in reality, a whole lot of the data that people have got floating around at the moment is probably sitting on their laptops and has been for years. It’s not enough to secure devices, we need to secure end points.

Every time I see a government leak, whether it’s deliberate and malicious, or accidental and driven by ignorance, I wonder why organisations aren’t using the security tools that have been around for years. Organisations need to be having serious conversations about encrypting data on all possible endpoints, across all devices, including laptops. 

So what are the real threats when it comes to the security of your organisation’s information?

A device is physically lost We’ve all done it at one point or another. The biggest threat of all isn’t being compromised electronically, it’s just plain losing your device or having it stolen. 

Information leakage Our second threat is the general problem of information leakage, where sensitive information is sent around the place, usually by email, and gets forwarded on and into the wrong hands.

Electronic compromise Devices can be compromised through the exploitation of potentially unsecure networks. With all the free Wi-Fi networks around, there’s strong potential for people to honey-pot on them and for your corporate information to be compromised.

Mitigation If you want to equip your people with laptops, why not just stick a cellular data card into the laptop, put them on a private APN and run all of your traffic back through your corporate network?

Doing this means you effectively never have your staff connecting their laptops or phones into public Wi-Fi networks. Instead, they can jump on the cellular network and terminate a private APN back into the corporate network, enforce all of your policies and know for sure that devices are on a trusted network.

Cellular connectivity is so cheap and fast these days, it makes no sense to be pushing people onto public Wi-Fi. Just put a SIM card in the device, put it on a private APN and it’s on a completely private network right into your corporate network. Then you've got both a trusted endpoint device and a trusted network termination into your corporate network, to enforce all of your policy.

You could go and endeavour to protect against the risk and assume all networks are untrusted, or you could just never put yourself onto an untrusted network – a much better idea! 

Chris Auld is chief technology officer for Intergen, which specialises in the design and application of Microsoft technology.

Story image
Kiwi businesses scramble to adopt automated tracking technology
New Zealand businesses are scrambling to adopt automated tracking technology as alert level restrictions due to the ongoing COVID-19 crisis ease and people move around more freely.More
Story image
How SnapComms, a Kiwi startup, turned an enterprise comms tool into a global powerhouse
SnapComms co-founders Sarah Perry and Chris Leonard saw the problems large enterprises were having with communicating effectively with their workforce, refused to accept the 'that's just how it is' mentality, and went to work to change the way we communicate.More
Story image
ExtraHop brings SaaS network detection and response solution to market
"Reveal(x) 360 is the culmination of a multi-year R&D investment to secure data centre, remote sites, and cloud workloads with frictionless deployment and actionable insights that can be securely accessed from anywhere.”More
Story image
Dell and Google Cloud deepen integration to bolster hybrid cloud storage
Dell and Google Cloud have announced the launch of their new hybrid cloud storage system, with the capability of moving as much as 50 petabytes of high-performance workloads.More
Story image
New East Asia and Pacific vice president named for Avaya
Sami Ammous has been named as the new vice president for Avaya's East Asia and Pacific business, including Australia and New Zealand.More
Story image
Alternative reality growing in popularity with enterprise customers
Alternative reality is set to become more popular with enterprise customers as immersive technologies open up more opportunities for businesses. More