Moody's upgrades Saudi Arabia's credit rating to Aa3 with stable outlook    Riyadh Metro to begin partial operations next Wednesday: Report    Al Okhdood halts Al Shabab's winning streak with a 1-1 draw in Saudi Pro League    Mahrez leads Al Ahli to victory over Al Fayha in Saudi Pro League    Al Qadsiah hands Al Nassr their first defeat in the Saudi Pro League    Saudi musical marvels takes center stage in Tokyo's iconic opera hall    Downing Street indicates Netanyahu faces arrest if he enters UK    London's Gatwick airport reopens terminal after bomb scare evacuation    Civil Defense warns of thunderstorms across Saudi Arabia until Tuesday    Saudi Arabia, Japan strengthen cultural collaboration with new MoU    Slovak president meets Saudi delegation to bolster trade and investment ties    Saudi defense minister meets with Swedish state secretary    Navigating healthcare's future: Solutions for a sustainable system    Al Khaleej qualifies for Asian Men's Club League Handball Championship final    Sixth foreign tourist dies of suspected methanol poisoning in Laos    Katy Perry v Katie Perry: Singer wins right to use name in Australia    Trump picks Pam Bondi as attorney general after Matt Gaetz withdraws    Al-Jasser: Saudi Arabia to expand rail network to over 8,000 km    Sitting too much linked to heart disease –– even if you work out    Denmark's Victoria Kjær Theilvig wins Miss Universe 2024    Order vs. Morality: Lessons from New York's 1977 Blackout    India puts blockbuster Pakistani film on hold    The Vikings and the Islamic world    Filipino pilgrim's incredible evolution from an enemy of Islam to its staunch advocate    Exotic Taif Roses Simulation Performed at Taif Rose Festival    Asian shares mixed Tuesday    Weather Forecast for Tuesday    Saudi Tourism Authority Participates in Arabian Travel Market Exhibition in Dubai    Minister of Industry Announces 50 Investment Opportunities Worth over SAR 96 Billion in Machinery, Equipment Sector    HRH Crown Prince Offers Condolences to Crown Prince of Kuwait on Death of Sheikh Fawaz Salman Abdullah Al-Ali Al-Malek Al-Sabah    HRH Crown Prince Congratulates Santiago Peña on Winning Presidential Election in Paraguay    SDAIA Launches 1st Phase of 'Elevate Program' to Train 1,000 Women on Data, AI    41 Saudi Citizens and 171 Others from Brotherly and Friendly Countries Arrive in Saudi Arabia from Sudan    Saudi Arabia Hosts 1st Meeting of Arab Authorities Controlling Medicines    General Directorate of Narcotics Control Foils Attempt to Smuggle over 5 Million Amphetamine Pills    NAVI Javelins Crowned as Champions of Women's Counter-Strike: Global Offensive (CS:GO) Competitions    Saudi Karate Team Wins Four Medals in World Youth League Championship    Third Edition of FIFA Forward Program Kicks off in Riyadh    Evacuated from Sudan, 187 Nationals from Several Countries Arrive in Jeddah    SPA Documents Thajjud Prayer at Prophet's Mosque in Madinah    SFDA Recommends to Test Blood Sugar at Home Two or Three Hours after Meals    SFDA Offers Various Recommendations for Safe Food Frying    SFDA Provides Five Tips for Using Home Blood Pressure Monitor    SFDA: Instant Soup Contains Large Amounts of Salt    Mawani: New shipping service to connect Jubail Commercial Port to 11 global ports    Custodian of the Two Holy Mosques Delivers Speech to Pilgrims, Citizens, Residents and Muslims around the World    Sheikh Al-Issa in Arafah's Sermon: Allaah Blessed You by Making It Easy for You to Carry out This Obligation. Thus, Ensure Following the Guidance of Your Prophet    Custodian of the Two Holy Mosques addresses citizens and all Muslims on the occasion of the Holy month of Ramadan    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



Adaptive Trust — a new defense for secure enterprise mobility in Saudi Arabia
Published in The Saudi Gazette on 04 - 07 - 2016

An HR director, a salesperson visiting with your engineering team, and a network administrator walk into office at 9 a.m. Each is carrying a coffee in one hand, a smartphone in their pocket and a laptop over the shoulder. Within minutes of entering the building, they all log in to the Wi-Fi network and blend into the mobile workforce.
These tech-savvy, and Wi-Fi loving users expect to connect and work from anywhere on any device — and they want connectivity without extraneous layers of security that slow them down. It's this workforce and expectations across enterprises in Saudi that are turning security inside out.
What's happening faster than anyone imagined is the dilution of the fixed perimeter that surrounds the enterprise. Before workforces went mobile, IT invested tons of time and resources into building a crack-free perimeter that prevented outside threats from coming into the enterprise.
They locked down the network with gateway firewalls, intrusion prevention systems, anti-spam, URL filtering and other security solutions to close off possible entry points. But in our more mobile-centric world, the biggest threats now come from inside the network.
Infected laptops and smart phones walk right through the front door and connect directly to the network without IT's knowledge. When you count the attacks initiated from those unsecured user devices, the loss of sensitive data on mobile devices and risky end user behavior, they add up to more than 90 percent of enterprise security breaches.
Lost devices alone pose a serious insider threat. In 2014 thieves stole 2.1 million smartphones in the United States and another 3.1 smartphones were lost. The missing devices are often all someone needs to gain access to a company's valuable data and critical business systems.
Remember the mobile workers from earlier? The HR director's laptop could have access to the direct deposit information for the entire company, and the network administrator most likely has the credentials to access 70 percent of the systems in the company.
Stats are only beginning to trickle in that highlight the potential threat of the Internet of Things. Clearly, billions of devices will connect to the Internet in the coming years, but how will they impact the enterprise? According to The Internet of Things 2015 report, the largest adopter of IoT ecosystems will be businesses, not consumers.
According to Gartner, businesses are projected to have from 11.2 to 20 billion IoT devices installed by 2020. As smart meters, IV pumps, manufacturing robots, farming equipment, and even conference rooms connect, the network must get smarter and be able to classify and understand the behavior of IoT devices automatically in order to keep the enterprise safe.
When Context Controls Connectivity
Between the mobile devices already on the network and the IoT devices that are coming, the inside of the network has become a soft underbelly. It demands a different type of security approach — one that starts on the inside and extends beyond the perimeter, and can adapt to the dynamic nature of users — and mobile-oriented threats — those that can originate from anywhere.
The hallmarks of this security approach are: shared contextual information and adaptive controls based on mobility needs. By recognizing that no two users are alike, an adaptive trust approach allows IT to define more personal policies that are mapped to individuals or groups that share similar roles and business objectives.
Going back to our initial trio, the visiting salesperson gets guest access allowing them to reach only the Internet — this after meeting sponsor acknowledgement and device compliance. While guest access is a familiar scenario, context-based policies get more interesting when applied to the two employees.
Enforcement can now be based on user role, device ownership, MDM/EMM status, and even location. The network administrator has full privileges from his laptop while he is in any company-owned building. At home, his privileges drop somewhat and they are different for his laptop and his smartphone.
The HR director has full access to all systems when onsite, and when working from home on her laptop. When traveling she is limited to emails and approvals from her mobile device. For vacation, review, or budget approvals, the HR director also has the necessary multi-factor authentication credentials to move the approval into the workflow cycle.
This added layer of security ensures that automated processes are only initiated by approved personnel. If the mobile device is stolen, a thief has no access to the company's systems or private employee data.
User role, device type, ownership, status and location are some of the relevant contextual information that allows IT to create policies that allow or deny access on a case-by-case basis without leaving the enterprise completely exposed to new threats.
A Secure Network is a Healthy Network
Enterprises that have moved to an adaptive trust approach are responding confidently to the demands of BYOD, cloud, and IoT. Consulate Health Care is among the security thought leaders that have moved to an adaptive trust approach that protects against insider threats.
The health care center had hundreds of company-issued mobile devices and thousands of guest devices that connected to the network daily, but security wasn't air tight.
Consulate wanted to assign policies to the connecting devices based on user role and device that would serve both visitors and employees and protect patient information and other private healthcare data. The new defense approach provides the center with much better security around its intensely dynamic mobile environment.
Prior to establishing a valid connection, corporate-owned and personal devices must meet compliance policies. Devices failing to meet requirements are automatically quarantined and the users are asked to resolve the issues.
Once recognized as compliant, patients, residents and family members can complete the self-enrollment process for Internet access that won't affect the security of the internal network. However, when the center's health care employees connect to the network, they are granted access to internal resources.
Based on user role and device ownership IT can easily define which resources they should have access to — thus reducing the chance of compromising patient information. Consulate is now much more confident that its data and systems are safe from any insider threats.
When enterprises in Saudi Arabia take an adaptive trust approach, IT can make smarter decisions about how users and devices connect and how their access privileges are enforced. This is required for today's mobile workforce — which will continue to push the boundaries of network security for years to come. In this fast-paced, upwardly mobile world, the best defense is being able to adapt.
— The writer Michael Netterberg is a solution architect, networking at Aruba, a Hewlett Packard Enterprise company


Clic here to read the story from its source.