* Historically, the network has proven to be the best place to start. Employees using new technology at work is not a new phenomenon. For more than 20 years, IT has dealt with internal demands for new technology. In the mid-1980s, applications for accounting and desktop publishing first became popular at home and were brought into the office, forcing IT to support them. With the adoption of the Internet, IT had to provide access to the Web and offer secure telecommuting for employees. More recently, Web 2.0 applications became an important component of corporate programs. With corporate information being dynamically posted to the Web, data leak protection and application control became critical. In every example, IT had to adapt to a changing environment and utilize such network security technologies as VPNs, firewalls and IPS to safely meet user demands for information access. Mobile devices simply continue this trend.
The year in security mischief making that operate on their own and without network components offer limited protection. While antivirus and VPN clients running on desktops, laptops and mobile devices have a place in a security arsenal, they have never been and should never be the foundation for an IT security strategy. Protection should always begin with a network security solution that incorporates the variety of technologies necessary for a multi-layered approach, such as firewall, VPN, IPS and application control. Unified Threat Management and Next Generation Firewalls consolidate multiple functions into a single device and enable IT administrators to easily monitor the flow of data and the behavior of the device and the user while connected to the corporate network.
* Personal devices are becoming more heterogeneous and fragmented: The ‘personal’ nature and rapid evolution of such devices make platform standardization extremely difficult. What’s more, given the rate of change and the level of device and operating system fragmentation that exists in the mobile device industry, it is obvious that solving the mobile security challenge will be difficult by relying solely on agents. There are too many operating systems, devices and hardware platforms to expect agents to exist for every device and for every agent to act the same way on every device. Even today, one can take five smartphones from five different handset manufacturers all running the same release of the Android OS, install the same security suite on them and still have different levels of policies and enforcement available. This is unacceptable from a security standpoint and puts compliance with regulatory requirements and best practices at risk.
* It’s next to impossible to put a client on every device that needs access to information on the network: Most organizations deal with ad-hoc attachments to their networks from both the WAN and the LAN, such as contractors. An organization cannot expect to successfully deploy clients on every device that needs access to necessary information. Network security-based policies are necessary to deal with the large number of guests, contractors and customers that will access the network.
* Flexibility is critical: From simple VPN connections to virtual desktops to mobile device management (MDM) clients to company-owned devices, it’s important to provide the approach that’s best for the user, the company and the company budget. A network-centric approach gives organizations the ability to easily incorporate mobile users and devices into their existing security architecture.
* Policing corporate mobile policy is next to impossible: A recent survey of 3,500+ Gen-Y workers conducted by Fortinet found that the majority of respondents stated that bringing their own device (BYOD) to their workplace was a right and not a privilege. And nearly a third said they would contravene a company’s security policy that forbids them to use their personal devices at work for work purposes. Surely, a client-centric approach to mobile device security will face difficulties when so many workers will actively seek to work around corporate strictures. The network, under the authority of the IT organization, provides the visibility and control needed to protect corporate assets.
Simply put, the network has always been and will always be the final authority on what information goes to and from devices. Ultimately, only network security technologies can answer the three critical questions crucial to safeguarding business data.
Since all traffic has to pass through the network, that’s the best place to secure all the information flowing to and from the devices that are attached to it.
Fortinet is a worldwide provider of network security appliances and the market leader in unified threat management (UTM). Our products and subscription services provide broad, integrated and high-performance protection against dynamic security threats while simplifying the IT security infrastructure. Our customers include enterprises, service providers and government entities worldwide, including the majority of the 2011 Fortune Global 100.


