Security for your Enterprise

End Endto

Trend > More Devices Add Up to More Security Risks

The increasing use of smartphones, tablets and other wireless mobile devices in the

enterprise, together with the growing popularity of “bring your own device” (BYOD)

computing, exposes your organization to a new set of security risks.

What’s more, the rise of cloud computing, and the exponential growth of “big data”

gathered from embedded “smart” embedded devices poses a whole new category

of security threats.

Unmanaged mobile devices are

vulnerable. The growing BYOD trend

requires up-to-date management policies,

coupled with robust document

management procedures and

infrastructure monitoring to

guard against unauthorized

connections.

78%78 percent of enterprises in

North America and Europe surveyed

by Forrester Research identified

mobile security as a ‘critical’ or

‘high priority.’

(Source: Forrester Research, “Latest IT Trends for Secure Mobile Colaboration” 2013, commissioned by Cisco Systems)

Trend > Threats Grow as Personal Tech Moves into the Workplace

The lines are blurring between personal technology and company-owned technology in the workplace.And this trend works two ways:

• Employees are uploading personal applications onto company-owned devices.

• And they are loading high-value business content onto personal devices, and to

potentially unsecure cloud-based storage.

Recent statistics show attacks against devices and networks are increasing in both scale

and variety.

Mobile malware is a growing threat. Android users accounted for 71 percent

of mobile malware encounters in 2013, followed by Apple iPhone users at 14 percent.

Many users download

mobile content WITHOUT considering security.

(Source: Cisco 2014 Annual Security Report)

Cumulative threat alert totals

increased 14 percent

year-over-year from 2012 to 2013.

14%

Trend > Smart Embedded Devices are Also Vulnerable

Security may be an afterthought in network-connected “smart devices.” Internet

connected and wireless embedded devices, including office equipment, point-of-sale

terminals, information kiosks, surveillance systems and interactive signage, may lack

adequate security safeguards.

As the population of smart devices continues to

expand, organizations need to invoke best practices for

monitoring, management, anti-malware defense and

protection of critical data assets.

Data analytics involve privacy implications. Policies to

protect private data are essential to avoid loss of trust and

potential liability issues.

(Source: Cisco 2014 Annual Security Report)

Trend > In the era of “big data,” mining and analysis of data from embedded devices can create a competitive advantage for many businesses.

“Malicious traffic is visible on 100 percent of corporate networks.”

Focus > End-to-End Security is More Complex Now

End-to-end security includes the security solutions used to protect the devices at

either end of a network connection.2

Until relatively recently, these endpoints consisted almost solely of servers at the

back end, and PCs at the front end. This client-server architecture simplified

endpoint security because an IT staff could control the servers and PCs connected

to the network.

In the “post-PC” era, smartphones, tablets, and embedded computing and

communications systems, have seriously complicated end-to-end security challenges.

Implementing effective end-to-end security protection involves many elements: • Verifying the identity of every connected device and user

• Establishing secure connection sessions

• Encrypting and decrypting sensitive data

• Keeping devices and applications (such as Web browsers) free of software bugs

and malware

• Ensuring users know and observe best practices

• Protecting the network itself solutions including traffic monitoring and intrusion detection

2 Behringer, Michael, Cisco Systems. “End-to-End Security” Published in The Internet Protocol Journal, Vol. 12. No. 3. Retrieved from http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_12-3/123_security.html

Get started with a comprehensive end-to-end security policy that

covers all endpoint devices, as well as the network.

• Conduct a thorough security vulnerability assessment of your

environment, including all connected client devices, cloud services

and social media.

• Discover points of security vulnerability; then define and enforce

effective preventative policies for secure operation of devices,

applications and service.

• Harden all endpoint and mobile devices, and require layers of

authentication for users and devices.

Get Prepared Step 1

• Protect and defend devices against viruses and malware.

• Perform comprehensive patch management.

• Encrypt classified data.

• Block intruders and prevent unauthorized physical access, in addition to

blocking unauthorized devices and software in accordance with policies.

• Implement two-factor authentication procedures.

• Consider tokenization systems to protect transactions.

• Install network intrusion detection systems (IDS) and security protocols,

such as IPSec.

• Comply with industry standards such as the Payment Card Industry Data

Security Standard (PCI DSS).

Defend Your AssetsStep 2

• Monitor network traffic and log files to identify security-related events.

• Track outbreaks from beginning to end.

• Isolate affected endpoint devices and network elements, such as routers

and gateways.

• Perform remediation.

This phase often involves the use of security information management

systems (SIMS) and forensics applications.

Contain and Remediate Step 3

Action > Connect with Insight for the Answers You Need

Insight’s endpoint and network expertise includes planning and

consulting across all phases of cyber security protection:

• Compliance management

• Network security

• Recovering from security breaches

• Evaluating security vendors

• Policy-based threat and risk management

• Authentication and access control

• Data loss prevention

• Data encryption

• Endpoint management

• Mobile device management

• Data center and network security optimization

Schedule a personal consultation today.

1.800.INSIGHT

Insight > Resources You Can Rely On

Insight is a global provider of information technology hardware,

software and service solutions to business and public sector

organizations.

• $5.1 billion in revenue in 2013

• 5,200 teammates worldwide

• Operations in 22 countries, serving clients in 180 countries

• 2,300+ product and industry certifications

• Partnerships with 5,000 manufacturers and publishers

• More than 70,000 commercial and public sector clients worldwide

• Global software reseller with extensive License Management Services

• Software lifecycle support for 80 percent of Global Fortune 500

• Number 470 on the 2013 Fortune 500

Schedule a personal consultation today.

800.INSIGHT t INSIGHT.COM