123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> System-Network-Administration >> View Article

The Challange - Security Vs. Mobility

Profile Picture
By Author: Orly Luca
Total Articles: 3764
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

The overwhelming increase in the mobility of the corporate workforce and the availability of wireless internet connections in airports, hotels, and coffee houses, creates an unbearable challenge to IT managers. Whenever employees, travelling with their laptops, connect to a hotel hotspot, they are in fact connecting their corporate computers to an unsecured network, shared by hundreds of guests. This innocent connection jeopardizes sensitive data and can bring back security threats into the corporate network when returned to the office. For this reason, IT managers have adopted rigid security policies, creating a conflict between the need for security and the productivity of the mobile workforce. For example, some organizations consider the returning laptops as infected. The infected laptops are completely formatted and cleaned. Some allow dial-up connections-only (no Wi-Fi), while others go further to completely prohibit the connection of laptops to the Internet outside the corporate network.
This unbearable conflict between security and mobility can only be solved if the mobile force is equipped with the same level of ...
... security as they have inside the corporate network. To understand what this means, we should examine the level of security that is maintained inside the corporate networks.

Corporate Network - Two Lines of Defense

Corporate users enjoy higher security levels inside the corporate network because they operate behind two lines of defense. The first line of defense, is a set of robust security appliances, installed at the IT center and exclusively controlled by the IT department. It is largely based on a comprehensive set of IT security appliances running secured and hardened OS, with Firewall, IDS, IPS, Anti Virus, Anti Spyware,
Anti Spam and Content filtering. The second line is based on the Personal FW and Anti Virus software installed on end-user's computers.
The first line of defense completely isolates the user at the physical and logical layers.
Unlike PCs, these appliances are equipped with a Hardened operating systems that do not have security holes, back-doors, or unsecured layers. They are designed for a single purpose, to provide security.
The first line of defense provides the following advantages:
- Mobile code is not run - content arriving from the internet is not executed on these appliances it just goes or does not go through into the network. It makes it more difficult to attack as the mobile code delivered by the hackers does not run on the appliances.
Cannot be uninstalled - Security attacks often start by targeting the security software, while trying to uninstall it or stop its activity.
Software-based security solutions, as any software program includes an uninstall option that can be targeted. In contrast, the hardware-based security appliances cannot be uninstalled as they are hard coded into the hardware.
- Non-writable Memory - Hardware-based solutions manage the memory in a restricted and controlled manner. The security appliances can prohibit access to its memory, providing greater protection against attacks on the security mechanism.
- Controlled by IT personnel - The security appliances are controlled by IT, who constantly maintains the highest security policies and updates.
- Performance - The security appliances are optimized for maximum security and operate independently from computers in the network, not degrading the performance of the desktops or consuming their resources.
Consequently, the corporate PCs reside in a secured environment. If the security is breached, at least the damage stops at the gateway. The first line of defense prevents threats from entering the corporate network. While the second line serves as a precaution and help defend against threats that may have already entered the network (e.g. emails). But the real problem starts when the corporate PCs go in and out of this secured environment. Outside the corporate network they are at the frontline with no first line of defense. The problem intensifies as they return, bypassing the first line of defense as they enter the network. These laptops can be considered as the greatest threat because they unknowingly infiltrate security threats
into the supposedly safe network.

Total Views: 472Word Count: 644See All articles From Author

Add Comment

System/Network Administration Articles

1. Fiber Fused Biconical Taper Systems And Fiber Cable Cutting Machine Potential
Author: Ryan

2. Understanding Polarization Maintaining Fiber Rotation Systems And Their Applications
Author: Ryan

3. Cat6a Patch Cable: The Best Preference For Comprehensive Cabling
Author: Ryan

4. A Brief Idea About The Mtp/mpo Cables And Their Use
Author: Ryan

5. 5 Reasons Why A Smart Bus Ticketing System Is The Future Of Public Transport
Author: Limon

6. How To Implement Technology In Your Inbound Call Center?
Author: DialDesk

7. How To Choose An Enterprise Help Desk It Support Company
Author: Entrust Network Services

8. Cost-effective Network Solutions For Offices In Singapore
Author: Entrust Network Services

9. Choosing Between Uv Light And Heat Ovens For Superior Performance
Author: James

10. The Right Tools And The Right Radius Are Vital In A Fiber Optic Polishing Process
Author: James

11. Lc And Sc Connectors Explained: Which Fiber Connection Is Right For You?
Author: James

12. A Closer Look At Armored Fiber Patch Cables
Author: James

13. The Essential Guide To Fiber Connectors: Sc, Fc, Lc, And St Explained
Author: Ryan

14. Wireless Network Setup Solutions For Offices By Entrust Network
Author: Entrust Network Services

15. Pcb Manufacturing: Understanding The Burn-in Test Process
Author: Ryan

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: