- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
Network World - The mobility and remote-access boom is technology powered but business driven. As small and midsize businesses (SMB) increasingly look toward technology to help them rebound in 2010, improved mobility solutions, greater employee productivity and a growing social media presence are all key strategies. Empowering employees with remote access can help SMBs thrive -- allowing them to improve customer service and add agility to their business model.
But increasing mobility also means increased risk to security of computing systems, data and the welfare of the very businesses that use mobile devices. We know, for example, that growing use of social networking and video-sharing Web sites increases network exposure to viruses and malware. And contacting those sites via roving laptops or handheld devices, which tend to be harder to secure, only exacerbates the risk.
This trend challenges SMBs to attain an all-inclusive view of who is entering the network and what data or software resides on mobile devices, and to create a well-controlled but user-friendly environment that protects sensitive business information. Security is a primary reason many organizations either resist enabling remote/mobile access for employees or confine it to a very select group of users.
Without question, opening the infrastructure to a remote connection always involves risk. Without proper safeguards, organizations are susceptible to data theft, network abuse, viruses, worms and other network security threats. Here are tips on managing the mobile workforce and wireless network:
* Secure the VPN: If you choose a VPN for access, it is critical to consider which information your organization is willing to share over a remote connection. If you are planning to transfer data that is in any way sensitive, be wary of pre-installed VPNs. Though most operating systems have built-in VPN protocols that can be implemented at a low cost, these protocols typically rely on little more than usernames and passwords, usually lack robust authentication and encryption components and can easily become open doorways that allow hackers to introduce worms, viruses and bots into corporate networks. For increased security, dedicated VPN applications can be configured to require all IP traffic to pass through the VPN tunnel and grant only selective access. But a multi-layer security strategy is the strongest, and even with the most sophisticated VPN applications, mission-critical systems containing sensitive business information should employ supplemental file-encryption and authentication tools.
* Secure mobile devices: If users have access to notebook PCs or smartphones, implement a layered security strategy, such as a combination of password protection, firewalls, partial or whole-disk encryption and antivirus/antispam software. Most security measures can be transparent and user-friendly, and adding layers to your security significantly raises the barrier to intrusion and data loss.
* Password protection and encryption: Ensure that each mobile device is password protected as well as encrypted. Also, consider using an automatically generated one-time password that is only valid for a single login session. Depending on the delivery method there is a risk of interception, however, the password will be invalid for future sessions. Finally, urge employees to use strong passwords. "Password" and "1234" are not acceptable anymore. A strong password should have an equal mix of numbers, letters and (if case-sensitive) upper and lower-case text.