Cisco Canada Blog

The changing state of network security and tips on how BYOD fits in

March 20, 2012

In a recent discussion with press and analysts in Toronto (and one member of the press in Montreal via Cisco TelePresence), I outlined Cisco Canada’s perspective on the global threat landscape and how it might impact enterprise IT departments —especially those being invaded by a variety of new mobile devices.

This involved presenting a variety of findings from latest Global Threat Report, including a stat that indicates enterprise users experienced an average of 362 Web malware encounters per month throughout 2011. Other findings suggest an average of 20,141 unique Web malware hosts were discovered every month throughout 2011, with 33 per cent of those classified as zero-day malware not detectable by traditional signature-based methodologies.

These evolving threats are growing on a monthly basis and provide the background for everything we do at Cisco from a security perspective.

Occurring at the same time as these constantly changing attacks is the much-hyped Bring Your Own Device (BYOD) movement. This trend – which will only continue to increase as 90 per cent of Canadian college students want to choose the device they use at their jobs – has an impact on your mobility strategy, your network and your collaboration initiatives.

How many data breaches have we seen in the past where hackers used rogue wireless access points to break into corporate networks – siphoning off a few credit cards numbers for good measure? With new Wi-Fi enabled mobile devices connecting to your network, the number of potential security holes can grow quicker than you can keep up with.

BYOD is coming and it will be really difficult for IT – or anyone else –  to stop it. If it already hasn’t, this inevitable new business trend will change the way you think about network security.

So if you’re just getting started figuring how you can get your enterprise and IT infrastructure ready for BYOD, here’s a few tips:

1. Stop thinking of security as reactive and start being proactive in your threat defence. Security architectures shouldn’t limit a BYOD plan, but instead facilitate and enable the new possibilities of the new mobile devices entering into your corporate space. Enterprises need to be flexible and embrace BYOD, but without compromising security in the process.

2. While BYOD may be unavoidable, planning for your employees’ new devices shouldn’t be. Creating a clear BYOD policy and the business architecture to support it should be the first step. Both business and IT leaders should be involved in drafting the strategy.

3. To support the policy, enterprise IT needs to implement an integrated and holistic network-based security solution. An end-to-end security platform, like Cisco’s SecureX product portfolio, should bring together context awareness, identity awareness and policy and threat intelligence in one package. Cisco’s Identity Services Engine (ISE) is particularly key to help enforce usage and access control polices among your employees’ smartphone and tablet devices.

This only scratches the surface of some of the new realities IT leaders will face in the world of network security, so keep your eyes peeled for more blogs on the subject in the coming weeks.

Leave a comment