Paul Lipman, CEO at iSheriff explains why cloud-based web security is a must for mobile workers
We have become a world of roamers. Today’s roamer is no romantic adventurer travelling the globe in search of adventures, but rather a knowledge worker, shuttling from office to client site to home; often hopping on a Wi-Fi network at a café or hotel. Experienced travellers know when to get vaccinated in advance against the risk of infection. So why doesn’t the modern mobile user take a similarly pragmatic approach to the risks of wandering unprotected into the cyber-unknown.
Organisations spend billions of dollars to protect their networks against outside threats. JP Morgan Chase, which was recently the victim of a significant and high profile breach, spends over $250 million (£163 million) a year on security. Despite this investment, attackers are still getting through the defensive perimeter and wreaking havoc.
Roaming users are a real and growing part of the problem. The security industry has invested heavily in ever more sophisticated ways to defend-in-depth the network, applications and data from attack, while customers scramble to keep pace.
Yet, it is a simple and common matter for a roaming user to unknowingly become infected with malware. Coming back into the office, the roaming user passes literally right under the nose of the network security team and their perimeter security devices and infrastructure. By the time our roamer has fired up their laptop and grabbed a coffee, it is simply too late. The malware infection is in the network, spidering out, replicating, perhaps pulling down additional files from servers across the internet—and getting ready to do what it was designed for.
The problem is that the whole concept of the server-based network perimeter has evolved—security threats are so advanced and persistent that we can’t count on keeping the bad guys out. Moreover, the world is clearly moving to a mobile, cloud-based IT architecture. The horse has bolted from the stable and we’re never going to get it back inside. So what’s the solution?
With constantly mutating cyber threats, security solutions must be more flexible and adaptable. Without a doubt, cybercriminals will find the gaps in your cyber-armour and today’s roaming user is a hole big enough to drive a metaphorical truck through.
This is where the cloud comes in. A multi-layered, cloud-based security solution doesn’t require significant set up costs or labour, but can cover fixed and mobile security needs with a single solution. With no up-front investment, these types of solutions are scalable and priced per user, so they will grow with your business.
The protection these services offer is constantly updated to cover ever-mutating malware and other types of vulnerabilities such as viruses, botnets, spyware and Trojans. Controlling application use is as critical as blocking malware; so a comprehensive web security solution should include the ability to remotely block the use of vulnerable, infected and risky applications.
Cloud-based web solutions are also globally available and incorporate all the digital points and platforms on which you do business—web sites, email, laptops, tablets, smartphones, etc.
Allowing users to roam is absolutely necessary in today’s business environment, but it doesn’t have to mean allowing huge gaps to exist in your security architecture.