Cyber warnings for international travelers

Globe trotting execs are specifically targeted by cyber thieves, both the state sponsored actors and criminal types. Travelers from Australia, Germany, Japan, UK and USA are the favorite targets.

Now that you realize you have a target on your back, what should you do? Advice is available from many sources including several government agencies. Their first point is the obvious one – if you don’t need it don’t bring it. Consider trimming your electronic cargo to the minimum; go light and bring only what is absolutely necessary. Back up your systems and try not to bring critical intellectual property.

The US Office of National Counterintelligence  offers a short travel tips guide that every international traveler should review. You might expect warnings about  someone looking at your screen, beware of hotel wireless, etc but did you consider,” If a customs official demands to examine your device…. assume that it has been copied…?”

Advertisements

SDN Sizzle

It’s funny. It seems there are two sets of conversations around SDN, and perhaps around every new technology.

First, there are the business entities (vendors, disti’s, VAR’s, SP’s, end-users) who dismiss the general hype and then take their existing product set and re-position themselves within their general definition of the technology, basically pulling SDN (or VDI, or whatever) back in its evolutionary progression, and highlighting existing capabilities they have that “already do SDN, and have been for years”.
Second, there are the business entities that embrace the hype, define it in their own way (“spin”), and talk about how their new products will fit into their definition of the SDN hype.

It feels like those firms that are not marketing oriented, who are really engineering oriented, will fall into the first camp. These firms come across as defensive and there is a whiff of a threat that they cannot quite get their heads around. Conversely, the firms who understand the value of the hype and are trying to ride the wave in order to sell their products, fall into the second camp. Their threat is the risk of being exposed as a “fake” by the engineers of the first camp who dissect the second camp’s solutions such as they are, in the here and now, dismissing the marketing opportunity, all for the sake of truth in engineering.

I wonder if the first camp is going to lose. If not outright, might they lose a step or two?

Sizzle sells, whether it is perfume or routers.

BYOD: Powering the “Shield”

Regular followers of this blog know that BYOD (Bring Your Own Device) is a hot button issue of mine.  In recent posts, I’ve explored some of the challenges faced by the never-ending flood of personal devices in the workplace – security, compliance and management key among them.  But hopefully, I’ve also conveyed an enthusiasm for all BYOD has to offer.  More than a powerful enabler of productivity, it also helps employees be more responsive to customers.  When you think of it, this is every company’s goal. 

There are many strong opinions about BYOD, and I can take up more than a few blogs on the topic.  But the truth is – whether you love it or hate it – BYOD is here to stay and companies must be prepared to handle all it brings.

As a first step, companies must devise a strategy that specifically addresses security, compliance, and management.  It’s more than securing the individual device – but ensuring the actual network stays safe.  Going beyond security is addressing such things as mobile application management, or how enterprises ensure access to apps that improve employee productivity.  It’s also about application enablement – determining which apps to include in the mobile device toolkit — and then limiting those that pose a threat.  The biggest challenge is delivering all this functionality under one umbrella – in a cohesive package.

That’s why I’m so pleased to introduce BYODShield.

Today, Westcon announced our teaming with BlueCat and Fiberlink to provide an industry first – a subscription-based service delivering a multi-layered “shield” that specifically addresses security, compliance, and management issues created by personal devices in the workplace.  We’re tightly integrating formerly disparate network security and enterprise mobility offerings — packaging them alongside our deep GOLDShield technology pre- and post-sales support model – and creating an all-in-one solution.  It’s a service that virtually eliminates current and future headaches associated with provisioning, servicing, securing, and managing thousands of personal devices. 

But it’s much more than a simple partnership.  Really, any distributor can do that.  We’ve successfully brought together BlueCat and Fiberlink to jointly write code exclusively for Westcon.  The functionality delivered by this deep collaboration can’t be found anywhere else.  We’re really proud of the result – integrating award-winning technology with our unsurpassed expertise in security and unified communications. 

When it comes down to it, BYODShield is about demystifying the complexities of managing and securing personal devices in the workplace.  Instead of trying to contain BYOD, we help you embrace it.  And it’s something you’ll see us do even more down the road.  Because the real future of distribution comes through offering resellers a consistent, unified, and integrated approach to solve their most complex technology challenges.  And a good distributor will tackle the integration and do the legwork for you – backing it with all services necessary to make it work.

Like anything new, BYOD is a scary proposition that can cause nightmares for any CIO… But before losing any sleep, take a step back and see what’s possible when leveraging the right tools.  And be sure to check out more about BYODShield at http://us.westcon.com/byodshield

 

BYOD 2.0

Westcon and Comstor continue to work with customers around the world in delivering BYOD solutions to the end-user community.  With any nascent technology, there are doubters as to the true need of securing the device, the network, and the enterprise via technologies such as MDM, NAC, and IPAM.

My point here is that the work done today by resellers and end-users in securing the environment against the onslaught of phones and tablets is a necessary rehearsal for what comes next.  Think Google Glass.  If an organization is not ready to secure itself against the current tablet/smartphone wave, how will it be ready for the more complex set of security challenges inherent in new devices such as Google Glass, that consume and generate significantly more information and pose new complications in terms of security and privacy.

Just like everything else, practice makes perfect – if you have an active, exercised  framework of policies and guidelines that can support the current BYOD phenomena, you will be that much more ready for the next wave of IP-enabled devices.  Wearable technologies such as Google Glass are coming.  Corporations currently relying on security frameworks from 5 years ago is like hoping your moat will keep away a Reaper Drone.

MAM, MDM & BYOD

I read an interesting article the other day from an analyst I greatly respect, but have to disagree with regarding MAM and MDM. At the risk of oversimplifying the technologies involved, MAM – Mobile Application Management – is a piece of software that allows an organization to present a customized appstore to their employees or customers.  MDM – Mobile Device Management – is a technology that allows an enterprise to manage the hardware, software, network access, and security profile of an employee/visitor’s mobile device (MDM is a big part of the BYOD security play).  Some MDM solutions have a MAM component.  In other words, within the MDM solution, there is the ability to present a customized appstore.

What I think is important to clarify is that though some MDM’s have MAM capabilities, MAM alone is not a way to secure an employee/visitor device.  MAM does not secure the hardware, software and network access within the mobile device.  MDM does.  

Don’t get me wrong.  You need both functionality.  My concern is that people acquiring a MAM solution should never think that they are actually securing the Mobile Device.  

IT presentations are not news articles

Is it me, or are we seeing more and more online IT journals doing powerpoint presentations instead of actual articles?
Each day, we all get emails of articles from various IT publications, and inevitably they hit on a topic that is timely and of serious interest within the organization. But, when I click on it, I end up with a fluffy slideshow of material that wouldn’t suffice for a real presentation, and apparently doesn’t suffice for a true article.

There are so many great IT journalists out there. I have spoken to many of them myself, and their depth of knowledge is impressive. How can we get more of these great journalists to write deep, informative articles? And how do we stop the presentations?

BYOD – Framework

BYOD – Bring Your Own Device

Our conversations with the channel (vendors, resellers, service providers, and systems integrators) around BYOD break into two categories – Security and Productivity. It sometimes helps to frame the categories of the conversation for our customers, and thought we would share some of that here…

Security
BYOD creates a number of security challenges and it sometimes help by breaking down the different ways to look at what needs to be secured:
1. Securing the actual device – We have been working closely with vendors and partners in Mobile Device Management (MDM). This is a very hot topic, and continues to see extensive growth. We are engaged with Mobile device management solutions in three different forms around the world – cloud based, appliance based and data center software based. Within MDM there are four areas of functionality to be assessed for any given solution – Hardware control, Software control, Network Services management and Security management.

2. Securing the network – Our focus here has been around Network Access Control. Reason being, our long-history in networking allows us to work closely with our partners to help them jump on NAC quickly. NAC was last really utilized when companies installed their guest wifi networks, and now that same type of concepts can be applied quickly for a BYOD zone within the wireless architecture as a quick “if you do nothing else, at least do this” type solution. In addition to NAC, IPAM is another area getting more and more activity with our channel partners. There are some excellent vendors who have focused on this market for years, and with BYOD, they now step back into the spotlight again.

3. Enterprise policies – Many of our security partners are working closely with customers on the development or enhancement of employee policy write-ups necessary as BYOD continues to grow. There is a global implication that companies really need to understand since the legal definition and acceptability of wiping a device, as an example, is different around the world.

4. Securing the Data at the source – in addition to the security capabilities that may be available with your MDM solution, organizations still must evaluate their Data Loss Prevention (DLP) policies and solutions. It’s obvious on paper, but sometimes not caught in the BYOD planning, that there has to be a review of the firewalls, WAN opt, Application Acceleration tools and appliances.

Productivity
1. Mobile Application Management – not to be confused with MDM, MAM is all about how the enterprise makes available apps that improve productivity of the employee who decides to utilize their own device. MAM helps the organization properly present to the employee the corporate developed apps as well as the 3rd party apps that are part of the “approved app store” that the enterprise wants to present to the employee.

2. Infrastructure – As organizations take on multiple devices per employee, it is only natural that the bandwidth of the network will need to grow. Wireless/Wired security, port size, and alternate network access technologies such as 4G/LTE and Femtocells are viable components of the new network architecture.

3. Application Enablement – so….about those apps….organizations will turn their developers loose on mobile app development, which is to be expected. But, in addition to those tools, there will be more and more utilities that organizations will incorporate into their toolbox. Two that we see becoming very popular are 1) tools that provide direct access to corporate data. Think of these as mini pipelines into select corporate databases with raw interfaces. And 2) Tools that convert existing corporate applications to fit alternate BYOD form factors such as tablets, phones and phablets.

Hopefully this gives you a framework for how to think about your BYOD project, and perhaps even a mini-checklist for you to use as you consider different aspects of the impact BYOD will have on your organization. This is by no means exhaustive, but has shown to be a good start for our resellers when they partner with Westcon and Comstor to provide BYOD solutions to their end-users.