October 24, 2012 Leave a comment
Are users having trouble authenticating via FTP when the Check Point security server is activated? Well, if those user names contain an @ symbol (i.e. john@mydomain.com) try adding that @ symbol twice (i.e. john@@mydomain.com). Doing so will prevent the firewall from interpreting the @ character as a special use character and the users should now authenticate properly.
October 24, 2012 Leave a comment
Mobile computing provides employees with the freedom of accessing network resources from remote sites at times more convenient for them. From the corporate perspective, mobile computing allows employees to stay in touch by phone, email, fax and web based methods when away from the office.
Allowing workers to telecommute or work from home is rapidly becoming a part of more family-friendly working options. Telecommuting employees can vary between working a few hours from home each week to working full time from home. Research has shown that smaller companies and companies with a large international workforce are more likely to embrace telecommuting for its employees (Mayo, Pastor, Gomez-Mejia & Cruz, 2009, p. 918).
Some studies have also found that the rise in mobile computing has also resulted in increased productivity. A study conducted by Cisco Systems in 2003 found a 13.4 percent average productivity gain due to the use of mobile computing (Deeson, 2005). The study found that certain industries benefited from strong productivity gains such as insurance adjustors and sales engineers in the healthcare and pharmaceutical field. It also found that hotel guests were more likely to select a hotel that offered broadband access and were willing to pay almost 7 percent more for this service.
A more recent survey in 2011, more than 80 percent of respondents stated their productivity either increased or greatly increased through the use of their Smartphone (Kalkbrenner & McCampbell, 2011, p. 4).
Mobile computing, however, also offers a slew of new concerns for businesses including the security of such devices. Because these devices operate outside the confines of the internal corporate network, they do not benefit from the same security measures that protect internal resources. Moreover, because the very nature of mobile computing requires that internal resources be accessed over the public Internet, the confidentiality, integrity and availability of this data must be addressed.
This study takes a comprehensive look at the risks associated with mobile computing, looking at real world examples and using a lab setting to determine how such risks may be exploited. Mobile computing, for the purposes of this study, is defined as any device that is used to access internal resources from a remote location. This includes laptops and Smartphones.
This study also looks at two separate types of mobile computing; that which is performed on devices owned and controlled by the corporation and those which are not (i.e. owned by employees or vendors). In considering these two scenarios, the study makes certain assumptions as to the base security level of each device and as such will present separate risk assessments on each scenario based on these assumptions.
A case study was conducted to assess the effectiveness of commercially available security solutions designed to protect mobile computing for both scenarios. The study focused mainly on the use of laptops as the means of mobile access but does also offer some additional information on the protection of mobile computing via a Smartphone, in particular an iPhone.
The study found that mobile computing presents a high level of risk for both devices, especially with regards to theft/loss of mobile devices. The employee/vendor owned device showed a much higher level of risk for all categories presented in the study. When VPN was deployed however, the study showed that all threats save theft/loss could be properly mitigated.
Read the complete study:
Mitigating Risk in Mobile Computing
SANS Information Security Reading Room Security Tip of the Day SecurityWeek News Security Trends Published Advisories
Jason Smith, Frisco TX 