Mobile ThreatsBy Bob Violino | Posted 2012-03-13 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
Enterprises need to deploy a layered defense and make data protection everyone’s business.
Layered security is especially vital for organizations that are increasingly relying on mobile technology.
Active Interest Media, an El Segundo, Calif., media company that produces enthusiast magazines and related consumer shows, Internet sites and books, has deployed a multifaceted security strategy that’s not overly complex but takes into account the growing population of mobile device users, according to Nelson Saenz, vice president of IT.
“We take what I like to describe as a simple but effective approach to overall security,” Saenz says. To protect the company’s corporate network, Active Interest Media recently refreshed its perimeter hardware with Cisco ASA 5500 Series Adaptive Security Appliances, which set up firewalls at each of its gateways. The ASAs “provide us with top-level protection from malicious attacks via a combination of strict access lists, for example, only opening ports and services that must be used for our day-to-day [operations],” he says.
Because Internet access and email routing are necessary for business, the company applies additional layers of protection via two security appliances: McAfee’s Web Gateway (formerly WebWasher) and Email Gateway (formerly Ironmail).
“By proactively scanning and filtering for Web- or email-bound viruses and malware, [the appliances] significantly reduce the likelihood of an attack coming in via the two main methods of entry,” Saenz says. “And because they are hardwareappliances, they are easy to manage and maintain.”
As the company moves increasingly to mobile devices and beyond the firewall, the principle “battlefield” for security is becoming smartphones and tablets, according to Saenz. “With the advent of mobile devices and the 'consumerization of IT,' instituting sufficient measures for this new breed of enterprise tools is a vital part of our security blueprint,” he says.
Active Interest Media uses Good Technology's Mobile Device Management (MDM) products to deliver enterprise data to devices, as well as to protect and secure employee-owned devices. “I realized early on that as mobile increasingly became where the majority of innovation was occurring, it would become vital to focus on implementing the proper solutions” to ensure that devices were secure, Saenz says.
With MDM, the company can more easily manage its growing fleet of heterogeneous devices; push standard security policies, such as passwords and lock limits to devices; and lock down and remotely wipe any lost or stolen devices. “We are able to adapt and deploy a proactive security framework for the ever-changing mobile landscape,” Saenz says.
“Multiple layered network security as a whole is very important for a variety of reasons,” says Brian Sellstrom, CFO and treasurer at Active Interest Media. “What immediately comes to mind is loss of revenue as a result of a malicious attack aimed at destroying our business. Any kind of significant downtime that would result from an attack on our network is, by itself, reason enough to take a proactive approach when it comes to securing our computing and mobile infrastructures.”