"In essence, the challenge of cloud service providers is to protect the confidentiality and integrity of their subscribers' data, while creating and delivering highly available cloud security services," he said.
Intelligent security steps
"Beyond VPNs, intelligent security technologies capable of managing the risks resulting from the perimeter extension of the corporate network, rather than simply looking at IT security from a static perspective, would be the best solutions to consider," said Chang. "Those include the ability to provide granular access/profile policies based on users as well as the ability to provide security to the extended network perimeter, which includes smartphones and remote computers."
"Employers need to consider deploying anti-virus gateways at the entry points of the corporate network used by devices such as smartphones (WiFi access points, synchronization stations, and so forth), and implementing security solutions from vendors whose threat research includes the detection and protection against dedicated mobile threats," he said.
"In addition, employers/IT departments should implement on the wireless LAN the same protection mechanisms that they deploy ubiquitously on their WAN [wide area network] gateway," Chang said. "Key criteria to be considered to choose the right security solution are: coverage and speed, user segmentation and guest access, strong authentication and encryption, rogue AP detection and on-wire correlation, flexible deployment, ease of implementation and centralised management."
"While employees should take some simple precautionary practices such as applying any software updates to mobile platforms immediately, not to open unknown SMS/MMS, and to ask system administrators to recommend applications," he said. "As a general rule, never install applications you would not really need, and download them from legitimate repositories only. Also to disable communication channels such as Bluetooth by default, only enabling them when required. Such measure removes a possible attack avenue and saves on battery consumption. You should also ensure that you can remotely wipe private data on mobile devices and to choose TLS [transport layer security] protocol for added privacy."
Sign up for Computerworld eNewsletters.