Mar 242011

Mobility Security was a big concern with the CIOs at our last virtual roundtable. Several CIO Executive Series members have purchased iPads for themselves and their staff because they need to start testing access and security requirements.

During our roundtable discussion, one CIO Executive Series member mentioned he has over 200 iPads and 50 iPhones. The business units pay for the devices and service through ATT and Verizon. He secures the devices by:

1. Offering terminal services access to an RDP client in the ipad
2. Limiting corporate web services to OWA and Sales Force
3. Adding remote wipe capability
4. Preventing split tunneling of remote user browsing. Product recommended was Zscaler which loads on the firewall

Mar 232011

One question seems to be on every CIO’s mind…
How can our organization unlock YouTube, Twitter and Facebook and still be secure?  Well it can be done and here is a plan.

  • Virtual Applications set up in the DMZ
  • Kiosk Access
  • Set up a Virtual Internet Application Social Media Security Server  (See Diagram Below) in your DMZ to ensure you can give access to Facebook, Twitter, Youtube, LinkedIn, etc without compromising security
  • Kicker – Add a Separate Social Media non business grade line from Comcast to run streaming media and social media applications through.
  • Allow access to Facebook without compromising corporate bandwidth or adding virus and malware propagation risk through this channel by using Next Generation Firewalls through Sonicwall

If you have any questions or comments please email or tweet me!

Mar 152011

Be aware that the default operations of Outlook 2010 have changed. The impact of this can be from basically DoS’ing (denial of service) the executive’s PC, to drowning order generic viagra the Exchange server. There is an easy fix, however just as easily the user can undo it (this isn’t good), to get the full functioning that 2010 offers (without being admin!). Fixing it right can involve complex AD group policy modifications.

Don’t be caught unaware! If you have questions, contact me or tweet me.