6 questions with Juniper Network's Tim Nagy

Juniper Network's Tim Nagy speaks to CSO Australia.

  1. What are the main challenges faced by CSOs when securing their mobile workforce?

    Employee-owned or personal mobile devices are becoming increasingly common in the mobile workforce. When used in a corporate environment, these "bring-your-own" (BYO) devices present a new challenge for CSOs. How are they secured? How can they be made to comply with the corporate access and security policies? Should the enterprise be able to mandate the ability to wipe the device remotely should it be lost? Is anti-virus needed for a mobile platform?

    These questions and others are arising with the proliferation of employee-owned smartphones and tablets. The work and personal mobility platform is now merging to become a single device. The challenge for CSOs is how to appropriately secure these platforms while allowing for the potential productivity gains and cost savings that BYO devices bring with them.

  2. How have these challenges evolved as Apple has emerged as a major force in this area?

    Apple is showing signs of breaking the strong hold that RIM (Blackberry) has on the enterprise market. Long seen as a secure platform for enterprise mobility, the Blackberry has been ubiquitous in the corporate arena.

    Apple is now challenging the idea that an iPhone or iPad can't be secured as well as a Blackberry. Through tightening the integration of their devices with corporate e-mail and calendar systems, Apple is providing a strong competitive solution to Blackberry.

    With the emergence of Apple, corporate mobile security has moved from a walled garden approach — where Blackberries were tightly controlled through a centrally maintained corporate server — to an open and relatively uncontrolled Internet-based mobility platform that accesses the corporate network via the public internet.

    Juniper Networks’ Junos Pulse is designed to secure that connection back to the enterprise in order to ensure, among other things, the integrity of that data and prevent the loss of intellectual property.

  3. What are the most common mistakes made by CSOs when looking at this problem?

    The most common mistake is to ignore the potential security threats that are emerging on mobile platforms. Many CSOs either don't recognise that mobility platforms are potential threat vectors or they don't have the time or resources to focus on securing mobile devices.

    However, every organisation today needs to have a mobile device policy, a plan for securing these devices, and the tools to do that job.

  4. How will this problem evolve over the coming years?

    Over the next few years, corporate standards and best practices for securing mobile devices will become more mature, such that securing various mobile operating systems will be as standard as securing a Windows workstation today.

  5. What have mobile security providers learned from the mistakes of desktop security?

    Desktop security evolved from single clients on individual workstations to become an overall enterprise concern. In contrast, centralised policy management and status views of the security of the mobile workforce have been incorporated from day one in the mobile security arena.

    In the early days of desktop security, policy control — checking to see whether a client met a minimum security standard to connect to the network, for example — was absent. Again, mobile security providers have taken note of that and have incorporated policy control into mobile security platforms from the outset.

  6. As the popularity of smart mobile devices explodes, how can we avoid replicating the mistakes we made with desktop security?

    CSOs should ensure that they have put in place the policies and tools that allow them to take advantage of the explosion of mobile devices. Key to this strategy should be the ability, as quickly as possible, to extract the benefit of a mobile workforce while mitigating the unique security risks that come with it.

Tim Nagy is a Senior Systems Engineer at Juniper Networks.

Join the CSO newsletter!

Error: Please check your email address.

Tags securitymobile securityBring Your Own Devices [BYOD]

More about AppleetworkJuniperJuniperResearch In Motion

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by CSO staff

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place