保护企业免受智能手机的侵害

The recent launch of Verizon's iPhone brings another influx of users into the smartphone era, where the devices are on the verge of outnumbering PCs for the mobile workforce.

Many of these new iPhone users will be bringing their phones into the business environment. A recent survey indicated that more than half of small business smartphone users rely on the iPhone to check email and schedules, 还有——有人会认为——消费媒体.

用于企业IT部门, 虽然, after spending much of its time locking down security around just laptops and desktops and one or two basic phones, 新的智能手机选择的出现可能会引起人们的担忧.

防范恶意软件的日子一去不复返了, 入侵的尝试, 甚至是不满的员工在有限的设备上, 比如Windows台式机、笔记本电脑或黑莓手机. IT departments are scrambling to either block the new smartphones and tablets from their networks or to figure out how to work with them.

在本周的 RSA会议在旧金山, 这个问题是许多IT部门的首要和中心问题, 因为趋势是从个人电脑转向移动设备. 一路走来, some of the technology providers in the space are taking a cue from the media content and controlled-access media market technologies that have been around for several years.

Several vendors I spoke with offer services to remotely disable content, in much the same way as online video content can be disabled after a set period of time or if it is offline too long and doesn't check in with the verification server.

在远程数据删除的实例中, the issue is to remove both company data and company-acquired applications that might reside on the employee's personal device, 设备是否会丢失或员工的职位是否会被终止.

Several of the companies brought up the liability impact of employees bringing their smartphones to work-and working from their smartphones wherever they happen to be at the moment.

“确保多平台的安全是一个挑战, 现在是多设备, 环境,艾哈迈德·达图说, 他是Zenprise的首席营销官. "As employees shift their computing tasks from desktops to smartphones and tablets, what is the impact that these devices have on securing and supporting the mobile infrastructure, 以及IT领导者应该做些什么?"

Zenprise提供移动设备管理和安全软件, and the company emphasizes a series of best practices to address the new reality of multi-platform access to enterprise content. 该公司的MobileManager平台现在是第6版.0, and this new release is geared toward dynamic protection of business-critical applications and data anywhere in the mobile environment.

“我们与客户合作, 比如沃达丰和达美航空, 主动预防, 处理和补救信息安全漏洞,达图说。, 在设备上, 网络和应用程序级别."

The multi-level approach is also shared by Mobile Active Defense (MAD), which hosted the 2011 Mobile Security Symposium at the RSA conference along with AT&T，赛门铁克和其他几家公司.

"We hosted this conference to address a few critical elements in mobile device security,温·施瓦陶说, MAD's chairman "including geo-location-based firewall and content filtering for mobile devices."

The concept of geo-location-based firewalls and content filtering is a new twist in the world of enterprise mobile devices, 允许在每个设备上使用多个防火墙, 每个地区的基础上. MAD's technology recently won a 2011 Best Practices Award from Frost and Sullivan for product innovation in the North American market.

在一个 article 在去年的RSA大会上, we discussed the growing use of two-factor authentication in enterprise security. The first is through the use of a multi-factor authentication solution. 这种类型的解决方案在联邦机构中得到了推广, 金融服务和医疗保健公司, each of whom need to provide customer portal access to sensitive personal materials such as Social Security benefits, 银行对账单和病人健康记录.

Yet there's also a place in media content filtering and controlled access for two-factor authentication, as company-generated internal video clips often don't have the same level of protection available to more popular file formats such as DOC, PDF或XLS. To bring media clip security into line with other formats requires a more robust trusted computing model and integrated location-aware content filtering, 我们将在以后的文章中探讨这两个问题.

This year the emphasis on mobile device security includes two-factor and trusted computing models, 允许设备所有者访问企业数据, but the concept of remote data wiping for any mobile device is also gaining marked interest.

移动设备上的远程数据清除并不是什么新鲜事, as the Blackberry has had this enterprise-specific feature for years. Yet the advent of remote data wipes on the iPhone and iPads-both of which are gaining in popularity for enterprise use-brought greater public awareness of the capability to the general public.

事实上, even a consumer iPhone owner can invoke a remote data wipe of a phone that's been misplaced or stolen, knowing that he can later restore the device's content from the most recent iTunes-based backup.

The dual trends toward two-factor authentication and remote data wipes are coupled tightly to a third concept called "sandboxing" that puts mobile devices into a separate area of an enterprise network.

沙盒趋势可能会持续数年, 因为IT部门正在解决围绕病毒防护的不确定性, changes to virtual private network (VPN) schemes and a number of other changes going on in today's enterprise.

Zenprise and other companies exhibiting at RSA are banking on this trend. 7月, 该公司宣布已完成一轮900万美元的融资, 收入同比增长175%. Zenprise最近还收购了Sparus Software, 一家法国移动管理公司, 以扩大其欧洲业务.