As enterprises embrace the “anywhere, anytime, any device” vision of networking, they need to remain vigilant of emerging security risks. Taking steps to address these risks will be critical if enterprises are to confidently capitalize on the new business opportunities that borderless networks represent.
In a study of 512 IT security decision makers (ITSDM) conducted by Cisco and InsightExpress, more than half of respondents (56%) have determined that employees are using unsupported applications on enterprise networks. Among them, the largest proportion has discovered employees using social networking (68%).
In the U.S., more than 60% have discovered use of unsupported collaborative tools such as Google apps. Meanwhile, about four in ten (41%) have determined that employees are using unsupported network devices. The two greatest risks recognized by these respondents are social networking (51%) and unauthorized network users (55%).
The majority of ITSDMs said they have a complete technical process to lock employees from network access if necessary (74%) and have restrictions on what employees can bring onto the network (79%). In fact, most enforce policies that restrict network behavior (75%) and impose consequences on those that breach them. Globally, three out of four respondents said it was the IT department’s responsibility to set, maintain and communicate these security policies – though 40% of respondents in the U.S. stated that such responsibilities belong to human resources.
Interestingly, a majority of respondents (71%) recognize that “overly strict” security policies can negatively affect hiring and retention among employees under the age of 30. So there clearly is a tension between restricting network and device usage and appealing to younger workers.
But ambitious enterprises need not be paralyzed by these conflicting issues. Intent on helping companies reconcile the challenge of network security with the demand for network accessibility, Cisco recently unveiled its “Validated Secure Borderless Networks” initiative. The objective is to provide system designs that will secure mobility, strengthen data security and support security management.
Recognizing that key security challenges are associated with today’s dizzying array of point security products, the initiative validates and integrates third-party tools from firms such as ArcSight, Credant Technologies, EMC, HTC, LogLogic, Lumension, netForensics, Nokia, Palm, RSA, Samsung and Splunk.
By validating these point solutions as part of larger, integrated solutions, Cisco intends to address the security hurdles associated with complexity, integration and management and we're helping our customers take advantage of these innovations.