Solve the mobility security challenge
Scott Janney, Regional Manager for Emerging Technologies with infrastructure security
specialist Juniper, explains how to secure your mobile workforce quickly and easily with SSL
VPNs.
The uptake of mobility solutions is growing at a rapid rate.
From simple applications such as email, to more complex business processes such as sales
force automation and supply chain management, business and government expect to
realise all the benefits these mobility solutions can offer.
And these range from tangible benefits such as cost savings, streamlined business processes
and increased productivity to less tangible outcomes such as improved communication and a
competitive edge.
Currently, the most popular mobility devices used by business and government include
wireless data cards, PDAs and Blackberry's. These connect to corporate email and application
servers to give mobile workers access to business critical information – from anywhere, at
anytime.
Because wireless devices use the airwaves however, they are more vulnerable to interception
and attack than a wired connection.
So when staff hit the road, they risk leaving one important thing behind – network security.
Without the right security systems and processes in place, organisations put themselves
at risk from a range of threats. These include malicious attacks, unwanted applications or
unwanted users accessing confidential data from the corporate network.
And concerns such as these have, to date, inhibited many organisations from adopting a
mobility strategy.
But security no longer needs to be an inhibitor.
With SSL (Secure Socket Layer) VPN Remote Access Services, mobile workers can securely
access business critical applications using any wireless device, from anywhere in the world.
What is an SSL VPN?
SSL VPN provides a method for securely transporting private data across the public Internet.
Instead of relying on the end user to have a configured client on their mobile enabled
device, SSL VPNs form a connection between the user and the internal network via a secure
Web connection at the application layer – independent of any operating system.
And SSL VPNs enable secure remote access from any Internet capable device – whether they
are connected via a mobile or fixed network.
Security that delivers increased flexibility and control
SSL VPN bridges the security gap between the web server and remote users, providing a
level of simplicity that other security standards cannot offer.
Traditionally, remote access security solutions provided a fixed level of access based
only on who the remote user was and where they were located.
These hard-wired services did not adjust for the level of security of the end-user device
or network that the user was coming from.
They were also expensive to maintain as separate services.
SSL VPN gives mobility new meaning. Because it operates at the application layer,
SSL VPN offers extremely granular access controls. This means users are no longer constrained
to use specific devices or work from designated locations.
Different levels of access can be granted to different users depending on who that
person is, what kind of mobility device is in use, time of day and other variables.
For example, while employees may be given access to the complete network, customers or
business partners may only be given access to specific applications at specific times.
Likewise, a single user may be offered full network access when connecting using their
company PC, but only be granted web mail if their antivirus software is out of date, or if
they connect via a wireless data card.
And because of the granular nature of their access policies, SSL VPN Remote Access Services
enable organisations to meet corporate governance guidelines as documented in ISO 19977.
Endpoint security
SSL VPNs can provide the following endpoint security features:
- Host integrity checking: scanning for viruses and other infections using APIs to partner-company
anti-virus systems before granting client access
- Compliance checks: ensuring conformity with corporate antivirus, personal firewall,
and OS software settings
- Protecting from malware applications (including keystroke loggers)
- Denying access, quarantining, and/or providing remedial action (updating the antivirus
signature without help-desk involvement) if compliance test fails
Scott Janney is the regional manager for Juniper's emerging technologies business in
Australia and New Zealand, which focuses on SSL VPN, intrusion detection, application acceleration
and access control technologies. Prior to joining Juniper, he held positions at McAfee and
Netegrity. He has ten years experience in the security and networking space.
You can learn more about how to implement a secure mobile data strategy at Macquarie Telecom's
Business Mobility seminar.
>> Register your interest to attend a FREE Business Mobility Seminar with Macquarie Telecom.
| 
