Protecting your Roaming Workforce with Cloud-Based Security How to use the cloud to enable BYOD and secure endpoints beyond your perimeter

By Gerhard Eschelbeck, CTO, Sophos

Remote and roaming workers are constantly checking email, downloading data and staying productive. Results are their top priority—security is not. IT departments must mitigate the risks of BYOD (Bring Your Own Device). You need to constantly update employee security software and scan their systems for viruses without reducing their productivity. So how can you empower remote and roaming employees with the tools they need, while still protecting your computing resources and proprietary data, and without busting the budget or hiring an army of security specialists? This paper looks at BYOD security challenges posed by employees working beyond the company's secure perimeter, and proposes a transition to a cloud-based security service.

The borderless work environment
Not long ago, securing computing resources was simple and straightforward: build a solid network perimeter with a strong firewall, add host intrusion prevention, and authenticate everyone who enters. Now, companies are reaping the benefits of a mobile workforce that operates increasingly outside the network perimeter. According to Forrester Research, these high-risk mobile workers create the most value for your company. In today's anytime, anywhere, any-device work environment, the new perimeter is the security software on employee laptops and mobile devices. Some of this software is difficult to update while the users are outside the office, requiring VPN connections for access and large update files that slow down an already spotty connection.

Five security risks of a roaming BYOD workforce—and tips to resolve them

Risk 1: Out-of-date software and policy
One common complain among traveling employees is that their security software and policy slips out of date while they work away from the office. When they return, their non-compliant systems are blocked from accessing the network, and all productive activity grinds to a halt while their computers download security updates and apply the latest policy. The old “layered security” approach that combined network security with local device configuration and security software maintenance simply doesn’t work. Effective protection requires a way to automate security policy configuration, threat updates and enforcement for laptops that are outside of the network than inside—whether they are connected in airports, hotels, coffee shops, remote offices or employees' homes. Tip: Choose a cloud-based security subscription service that offers secu-rity software and policy updates anywhere without slowing down users.

Risk 2: Personal browsing on company computers
Most employees are well-intentioned and security-conscious, but as the lines between work life and personal life continue to blur, it's understandable that they use work systems for personal tasks. Personal browsing and social media use on mobile devices creates insidious new social engineering opportunities, which cybercriminals are only too happy to exploit. Facebook, LinkedIn, Twitter and other social networking sites make it easy for employees to connect with friends, family and peers. Unfortunately, unsuspecting friends and co-workers may click on malicious links they believe to be from trusted acquaintances. Companies with rigid polices banning these sites report only marginal success as many employees either ignore the policies or find ways around them. A more pragmatic solution is to block web threats using an effective web-filtering solution.Tip: Take advantage of security software web filtering capabilities that block malicious and web-borne threats before they reach the computer, as well as enforce proper usage policy.

Risk 3: Exposing sensitive data
Enabling BYOD is a must in today’s business environment, and securing proprietary data should therefore be another major priority. Customer lists, account numbers, marketing and business plans, and other sensitive data likely reside on employee notebooks and mobile devices. What happens to that sensitive data if the mobile devices are lost or stolen? An easy-to-manage encryption solution and mobile device management are recommended to keep data safe in a BYOD world. Tip: To protect data and ensure compliance, be sure that your security solutions encrypt data on multiple platforms including both Windows and Mac. Select a single solution that gives you visibility into all the devices your remote users are using, including Windows or Mac laptops and mo-bile devices.

Risk 4: Mobile workers in charge of their own security
Making end users responsible for security is like putting the sales organization in charge of accounting. Security is not the average employee’s top priority or core competency. Many struggle with technology and few can install, configure, update, and properly use security software. Even if mobile employees are capable of performing security tasks, who wants them spending time securing systems rather than doing their jobs? In the BYOD era, many employers choose to bring their mobile devices to work. Don’t make the mistake of allowing your end users to be in charge of their own security. Tip: Security must be transparent to users and reduce the burden of IT admins by selecting a solution that will protect Windows and Mac com-puters equally with a single policy.

Risk 5: Unsecure storage devices
USB devices often contain sufficient storage space to easily accommodate massive amounts of data. They are produced for consumer use, lack inherent security, may be difficult to manage, and are easily misplaced. Industries with high compliance requirements such as healthcare, insurance and financial services may restrict the use of such devices. Even if industry standards don’t apply, utilization policies and monitoring may be advisable. Tip: Monitor USB device usage across the business, and deploy a realistic device control policy. Consider encryption solutions to ensure that any data stored on these mobile storage units is protected.

Why the cloud is the perfect fit for today's businesses
Cloud-based, cloud-managed security solutions are transparent for end users and simple for administrators. They protect data and endpoints by focusing on individual users, with policies that follow them across systems, Windows, Mac and mobile devices —wherever they go. With a Cloud solution, security becomes far easier to use, deploy and manage with one convenient, cloud-based management console that's available from any computer with a browser. Upgrades are automatic, coverage is everywhere, and it doesn't require complicated server setup or infrastructure maintenance. This simple, pay-as- you-grow, subscription-based service is a cost-effective way to protect your business.
Modern Cloud solutions deliver comprehensive, cloud-based protection as a service that includes state-of- the-art, advanced anti-malware, web security, web filtering and mobile device management. Moreover it:
• Secures Windows and Mac computers as well as mobile devices
• Protects users from infected websites
• Allows admins to set safe and acceptable web use policy with web filtering
• Enables BYOD by allowing you to easily manage mobile devices and security policy for laptops from one console with user-centric management and reporting
• Prevents the use of unwanted removable storage devices such as USB thumb drives, external drives and more

About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use that deliver the industry's lowest total cost of ownership. Sophos offers award winning encryption, endpoint security, web, email, mobile and network security backed by SophosLabs - a global network of threat intelligence centers.
Sophos is headquartered in Oxford, UK.

Dubai, UAE

This release was published on openPR.