Jul 012011

What is happening with smartphones, tablets, and other devices is that with having this equipment in the workplace, IT may now be required to provide access and support for the users.

It used to be that one could offer a Blackberry device and you’re done. Users are happy and you are safe and secure.  Now with proliferations of consumer devices like iPads, etc., offering only Blackberry as a solution is no longer an option.

A Whackamole situation is now emerging; where you attack the head that pops up with the mallet, hoping it will not reappear but it always does. How do you embrace these devices and have a security architecture and policy framework that accommodates these various devices?

Architecture decisions are at the core of this topic.  I really don’t care which Suite you chose (Vmware, Citrix, Microsoft, etc.) in the diagram below. What I do care about is can you answer and deploy your apps to BYOD gear in these 6 areas?

Also, can you confidently prove how you plan on granting access to your applications using various devices across your architecture?  You are responsible for granting ‘cross device access’.

How can ubiquitous access be granted with the fewest, fewest, simplest methods possible?  It all starts with architecture which you can see below.

Sep 212010

Read this article by Johannes Ullrich. My response is that although Ullrich writes about Google’s choice to use two factor using SMS or Smart phone applications, this can also be done using remote access SSL VPNs, as well triggering a smart phone using SMS. This is very inexpensive as well.

Applications of Ullrich’s article:Applications of Ullrich’s article:
1) If you want a cool security idea
2) Inexpensive way to add two Factor to Cloud Access Authentication
3) Add two Factor Authentication and use your own AD active directory to be authoritative for access control

Share your thoughts right here on the CIO/ES blog!