Title: The New World of Security for Business Travellers
1The New World of Security for Business Travellers
- Anurag Lal
- Senior Vice President
- Strategic Services Business Development
- Wi-Fi Business Development Summit, Milan
- 26th October 2005
2THE SECURE MOBILITY DILEMMA
Painful Business Compromises
DEMAND FOR ACCESS
Availability
Usability
Security
Control
NEED TO PROTECT
3THE MOBILE RISK
Vulnerability Means Expense
4EVOLUTION OF THREATS
SECURITY 1 issue for Broadband Mobility
5SECURITY SOLUTIONS TODAY
- Piecemeal processes through bundled solutions
- Security tools and connectivity service operate
in silos - Danger from inconsistent or improper use of these
tools - Endpoint protection only when touching enterprise
- During Internet-only sessions, pre-VPN window,
and during VPN session - Accelerate remediation once new threat/antidote
discovered - Inability to combine best-of-breed point
solutions - No security vendor are strong across the board
- Forklift upgrade of existing security
components
6TRUSTED CONNECTIONS. NO COMPROMISE.
- Coordinated protection of identities, endpoints,
networks and data that ties together
authentication, compliance and network
authorization.
Device
Identity
Automated Assessment Remediation
User and Device Authentication
Data
Enforced VPN
Network
Role-Based Network Security
7SECURING THE CONNECTION PROCESS
INTERNET CONNECTION
LAN CONNECTION
Dynamic Policy Retrieval
Remote Vulnerability Remediation
Coordinated Network Enforcement
Endpoint Lockdown
Trusted Networks
Securing the Connection
Policy Orchestration Platform Single point of
control for managing and enforcing policies
8DEVICE SECURITY
Almost 2,000 mobile phones are lost every day in
the UK (Source Metropolitian Police, UK) 49
of organizations experienced laptop or mobile
phone theft (Source CSI/FBI 2004 Computer Crime
and Security Survey)
- Protection of information
- Username / Password (single factor)
authentication is not secure enough in current
environment. - Connection paradigm driving two factor
authentication to enable trusted computing. - Mechanism for digital fingerprinting and policy
enforcement that ONLY allows corporate authorized
devices to attach to the corporate LAN remotely.
9SUMMARY
- Mobility is rapidly evolving but it is not just
about connectivity - Security must be addressed from a holistic point
of view in order for gaps to be identified and
closed - Policy Orchestration services tie internet and
VPN access to both strong device/user
authentication and endpoint policy compliance
10(No Transcript)
11QA
Securing Mobile Data Sessions
Anurag Lal Senior Vice President Strategic
Services Business Development alal_at_ipass.com