Posts Tagged ‘IT security’

By Bernd Reder

As the workforce becomes increasingly mobile, the methods by which users access critical business tools must evolve in kind. In the past, the desktop environment and all of the resources it hosted were only accessible if an individual was sitting right in front of his or her computer. But now, with the advent of laptops, tablets and smartphones, we’re seeing a paradigm shift—one in which digital assets are no longer imprisoned by local hard drives.

Virtual desktops allow employees to remotely access their traditional systems from any location, eliminating device storage concerns as well as numerous other headaches for IT managers. For example, if the IT department had to install a suitable desktop environment on every device used by every employee throughout the company, then provide technical support and roll out regular patches for each one, the workload would likely far exceed the department’s capacity.

A Central Virtualized Desktop

With virtual desktops, individuals working off-site can still access all the tools held within their office work stations, from the operating systems to essential applications and associated data. Not only is this more convenient for them, but it is more practical and less cumbersome for IT administrators. All sensitive information and tools are housed and managed in a secure location, mitigating the risks to company data if a security breach compromises an employee’s mobile device.

All of the company resources being accessed remotely are stored in secure data centers. Rather than having to constantly update and patch the myriad of tablets and smartphones that workers use while outside the office, IT managers can focus on deploying security measures that govern remote access privileges. Though this doesn’t completely eliminate the possibility of an attack against an employee’s mobile device affecting the organization, it greatly reduces those risks—more so than any alternative—and better equips IT personnel to safeguard important information.

According to a survey from U.K.-based market research firm Visiongain, more than half of U.S. respondents are either planning to virtualize their desktops or are considering exploring this option within the next 12 months. Visiongain also states that the world market for Virtual Desktop Infrastructure (VDI) products reached $11.6 billion in 2012, and predicts annual growth of almost 15 percent through 2015.

Where VPNs Come Into Play

Paramount to any VDI is a secure link between the virtual desktop and the device being used by an off-site worker to access it. As such, VPNs are indispensable. They ensure that data is transported across a secured, encrypted connection.

However, this is far from a “one-size-fits-all” solution. On-the-go employees will often use various mediums to connect to their virtual desktops, including public Wi-Fi networks at airports and hotels or local networks at the offices of current or prospective clients. A company’s VPN system has to be configured to securely handle all of these options if users are going to be able to safely and efficiently access their virtual desktop environments. What’s more, VPNs must be able to seamlessly handle transitions from one medium to the next, such as LAN to Wi-Fi, so that the connection is not lost or processes are not interrupted at inopportune times. If access proves problematic, the benefits of VDI begin to dissipate.

In order for companies to tap into the benefits of virtualized desktops, they must invest in robust VPN solutions that account for all possibilities and automatically initiate the proper security settings based on the communication medium an employee is using. Whether in a coffee shop with public Wi-Fi or another office location within the same organization, the VPN should be able to manage them all. Such a task is perfectly fitted to a dynamic personal firewall. Where run-of-the-mill VPN systems might fail, expertly developed and well-matured solutions will not.

Today, Rainer Enders, VPN expert and CTO of Americas at NCP engineering, addresses how IT and data management executives can properly protect their corporate data.

Q: What are the most effective steps IT and data management executives need to take in ensuring the best security for corporate information?

Rainer Enders: There is no substitute for best-of-breed security solutions. IT managers must realize that only betting on one vendor for all security needs will leave security holes in the architecture. A key starting point is the assessment of risk and exposure. For example, if you do not have employees working outside the office, you’ll have far different security implications than if you have a large mobile workforce. Obviously, the cost of the solution must match the assets at risk that will be insured and protected against damage or loss. A clear and concise security policy must be established that involves all the key stakeholders, and the policy must then be implemented and enforced at all levels. This is probably the most important and, sadly, the least followed advice.

Another trap many IT managers fall into is changing security infrastructure too quickly. Rather then taking a blended migration approach, a rip-out-and-replace approach is usually implemented, neglecting benefits and merits of existing incumbent security technologies. This has happened when SSL VPN was introduced to replace IPsec VPN. Customers followed early promises, only to see many companies now returning to the “old” IPsec VPN or adopting a hybrid approach, which would have served them better from the start. So any security architecture framework should follow the technology, not a vendor product roadmap.

If you have any questions on VPNs or anything else related to secure remote access, send them to editor@vpnhaus.com. 

Rainer Enders is CTO, Americas, at NCP engineering.

Dark ReadingHalf Of Machines Shopping On Cyber Monday Likely Contain Vulnerabilities
Midsize Insider  – IT Security Threats: The Predictive Problem 
SearchCloudApplications Mobile cloud trends: Apps let enterprises handle the risks of cloud computing
TabTimes  Study: Forget corporate deployments, BYOD will drive business adoption of Windows 8 tablets

Government Computer NewsNIST spells out baseline security requirements for next-gen mobile devices
CSOElection sabotage: A threat much older than hacked e-voting
InformationWeekMalware Tools Get Smarter To Nab Financial Data
SearchSecurity – Remote access Trojan evades detection using mouse functions

Great news! NCP engineering is proud to announce that is has taken first place in the VPN/IPsec/SSL Innovations category at the fourth annual 2012 Golden Bridge Awards!

After being named a finalist back in August, NCP is thrilled to see this momentum come to fruition, reinforcing the company’s position as the leading provider of robust enterprise VPN solutions. As the Gold winner in its category, the NCP Secure Enterprise Solution was recognized for its flexible approach that makes end-to-end secure remote access simple for the enterprise. The centrally managed software solution provides IT staff with a single point of administration for a company’s entire remote access system, including hybrid IPsec/SSL VPNs, personal firewalls, certificate management, provisioning and practical Network Access Control (NAC) functions.

As a bit of background on the Golden Bridge Awards, the program recognizes the world’s best in organizational performance, innovations, products and services. More than 40 judges from a broad spectrum of industry voices around the world participated in determining the 2012 winners.

 NCP took first place for its NCP Secure Enterprise Solution, which is comprised of the NCP Secure Enterprise Client, the NCP Secure Enterprise VPN Server and the NCP Secure Enterprise Management System, is designed specifically for companies with large, complex remote access environments. The 100% software solution was developed from the ground up to be interoperable with all major network-layer security technologies, including VPN gateways and firewalls, preventing vendor-lock pitfalls.

For NCP, this distinction is the most recent in a series of industry accolades, including garnering finalist status in the Golden Bridge’s sister awards, the Network Products Guide’s 2012 Hot Companies and Best Product Awards and the Info Security Product Guide’s 2012 Global Excellence Awards.

Congratulations to all other Golden Bridge winners this year, and stay tuned for additional award announcements from NCP!