Avoid mobile security headaches
Being online anytime, anywhere sounds great ... in principle. But access devices such as airport or tradeshow internet kiosks, hotel computers, wireless PDAs or a friend's home PC are beyond the control of IT managers and, for many, this may sound like a risk too far.
There is every reason to be cautious about enterprise access from unmanaged devices. Threats such as Trojan horses, key stroke loggers and uncontrolled viruses and worms are even greater when unknown devices access the corporate network.
Until now access was only possible on corporately managed laptops, and their customised, locked-down configurations ensured that only authorised devices were allowed access to the enterprise server.
Because of this, remote access security has focused on ensuring that the user of the remote device is indeed the person they claim to be. And many methods have been tried, such as one-time passwords and smartcards.
But today we must go beyond just authenticating users and extend ourselves to managing the risks inherent in the users' computing environment: their operating systems, browsers, applications and even the type of network they are on.
[ Read more ]