Still think you don’t have to get on the bring your own device (BYOD) bandwagon?
That 71 percent figure is but one of many findings from the Cisco 2011 Annual Security Report, an exhaustive document that examines not just the state of security for the past and coming year, but also some key trends with security implications. They include the remote access and bring your own device (BYOD) issues and how employees are using social media. (The report is available here as a PDF.)
“I think for many organizations today, the BYOD issue is less a matter of ‘No, we can’t do it’ and more a question of ‘How do we do it? What positive, responsive actions should we take to manage the mobile device situation in our organization?’” says Nasrin Rezai, Cisco’s senior director of security architecture and chief security officer for the Collaboration Business Group.
“Many people think BYOD is about the endpoint, but it’s much broader than that,” says Russell Rice, director of product management for Cisco. “It’s about ensuring consistency of the user experience working from any device, whether it’s in a wired or wireless environment or in the cloud. It’s about the policy elements of interaction. And it’s about your data, how it’s secured, and how it traverses inside all of those different environments. All of these things must be taken into account when moving to BYOD—it really is a change in mindset.”
Indeed, Cisco identified 13 focus areas that are affected by the move to BYOD along with some questions to ask about each. They provide a good glimpse into the complexity of the issue. Some samples:
- How will device compliance to security protocols be validated and kept up to date?
- What will organizational policy be on the use of noncorporate devices in high-compliance or high-risk scenarios?
- How will the organization handle application interoperability testing with noncorporate devices?
- What will the organization’s policies be for providing support to noncorporate-owned devices?
But making the effort to address the issues can bring impressive results, at least in Cisco’s case. The company is using one of its own products, the IronPort S670 Web Security Appliance, to block malicious web sites before they are loaded onto a user’s browser. The idea is to protect against zero-day threats – those for which no attack signature has been identified. After a six-month proof of concept and 2-year pilot, WSA has now been rolled out to all Cisco employees – and it is finding lots of bad stuff, according to the report:
“Cisco is now experiencing its highest-ever level of protection from web-based threats,” says Jeff Bollinger, senior information security investigator for Cisco. “We average 40,000 blocked transactions per hour. And in just one day, the WSAs blocked 7.3 million transactions, including 23,200 Trojan downloader attempts, over 6800 Trojan horses, 700 worms, and nearly 100 phishing URLs.”
Perhaps those numbers are self-serving – Cisco is tooting its own horn, I realize. But as we’ve written before, the threat of malware to mobile devices is real so enterprises would be wise to follow Cisco’s lead and look into some sort of web security tool to protect themselves. It’ll be a good investment as you find your way to a BYOD future.