Nov 152011
 

As I have been travelling and visiting various CIOs around the country I have been struck by the impact of mobile devices, primarily because 10 years ago I would have been laughed at by the CIOES group to suggest topics related to phones and smart computing devices. Right now I am seeing a thirst among CIOs to understand and navigate the vast confusion that mobility presents to an organization. The risks are too great to simply assign this to a tech to go research on their own. Mobility impacts corporate culture and is infiltrating from the top of the organization. A seemingly simple decision about allowing a tablet device like an iPad to access corporate resources triggers all sorts of questions.

I see fear as the underlying factor. The fear that corporate data will leak. The fear of buying products that do a little but not everything. The fear that the correct infrastructure platform needs to be chosen. Here are the choices that my CIOs are seeing: Android tablets and phones, ‘i’ products like iPhone and iPad, Symbian phones, Blackberry phones and playbook tablet, MAC laptops and Intel based laptops. Work at home PCs. Is the business giving you more people to chase down mobility security and manage non-Microsoft devices? What I have seen is that these waters can be navigated. Some of the following questions spawn the most vigorous and worthwhile debates that I have seen:

• What if you could stop caring about the end point and invest in DLP technologies to ensure your data and more importantly the correct data makes it to the endpoint?
• Are my remote users un-tethered or connected to persistent connections? What impact does this have on your decision making?
• What if you knew exactly who was entering your network?
• A strategy for Mobile Workspace Virtualization is needed. Untethered users are the bain of IT’s existence. How can you rein this in?
• What strategy for Mobile device backup is needed?
• What strategy for Firewalling outbound data is needed?
• How do you approach data at rest versus data that is moving? Enabling data at rest Data Loss Prevention is different than data in motion.
• Board packets can be accessed securely during meetings without needing to print out 5 inch thick board presentation packets.
• How can you turn iPads and tablet devices from consumption devices to devices that support creativity? What about being able to access Microsoft applications, and edit, share, and save documents on non-Microsoft operating systems?

Technologies that will be discussed in our upcoming educational session are:
SharePlus – to make SharePoint usable on tablets
Quick Office Pro to make Office docs usable on tablets
Code Green for DLP
Bluecoat Proxy SG – for DLP
MokaFive for Workspace Virtualization
VMWare Viewpoint – VDI
SonicWALL – Email Inspection and DLP Engine
ZIX – Email Encryption and DLP
Sonicwall NSA – SSL cracking

REGULAR AND NEW CIO EXECUTIVE SERIES MEMBERS ARE INVITED TO JOIN US ON DECEMBER 21st FOR AN IMPORTANT AND INTERESTING ROUNDTABLE DISCUSSION AND LUNCH. CHECK OUR EVENT REGISTRATION PAGE FOR THIS AND OTHER GREAT EVENTS!

Jul 012011
 

What is happening with smartphones, tablets, and other devices is that with having this equipment in the workplace, IT may now be required to provide access and support for the users.

It used to be that one could offer a Blackberry device and you’re done. Users are happy and you are safe and secure.  Now with proliferations of consumer devices like iPads, etc., offering only Blackberry as a solution is no longer an option.

A Whackamole situation is now emerging; where you attack the head that pops up with the mallet, hoping it will not reappear but it always does. How do you embrace these devices and have a security architecture and policy framework that accommodates these various devices?

Architecture decisions are at the core of this topic.  I really don’t care which Suite you chose (Vmware, Citrix, Microsoft, etc.) in the diagram below. What I do care about is can you answer and deploy your apps to BYOD gear in these 6 areas?

Also, can you confidently prove how you plan on granting access to your applications using various devices across your architecture?  You are responsible for granting ‘cross device access’.

How can ubiquitous access be granted with the fewest, fewest, simplest methods possible?  It all starts with architecture which you can see below.

Mar 092011
 

Secure? Please!

Here is a quote from my CTO at RedZone, “While testing the new SonicOS 5.8 code in our office that included the new application capturing signature database currently recognizing geometry homework over 2,800 applications and millions of malware threats, in the first few minutes we were able to see that Bill’s pc (that is me…. CIO Exec Series Founder) was sending data via the google toolbar even when he wasn’t using it. Also my team was able to see with SonicOS 5.8 that a single computer with Tweetdeck (a social media tool that consolidates Twitter/LinkedIn/Facebook communciation) took more bandwidth than we ever thought was possible and was more bandwidth intensive than synchronizing Exchange and DFS.”

Tweetdeck and Hootsuite and other social media are handy social media management software tools that marketing uses. The net net here is take control of your desktops. Any company that has to fly a mission “do no evil” is up to no good. Use these products as needed, but eliminate the tool bar.

It serves no good corporate purpose.

Summary – The SonicOS 5.8 has very versatile and powerful web 2.0 security controls for outbound traffic. Perfect!

If you would like more information about how to do this and what products are perfect for this let me know billm@cioes.org