Free Newsletter
Register for our Free Newsletters
Zones
Access Control
Alarms
Biometrics
Detection
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
Surveillance
View All
Other Carouselweb publications
 
 
 
 
 
 
 
 
News

Securing Personal Laptops For Business Use

Check Point : 07 March, 2011  (Special Report)
With the increasing trend of companies providing a stipend to employees to buy their own laptops for both business and personal use, Nick Lowe of Check Point examines the security implications of this cost-saving measure
Securing Personal Laptops For Business Use

To refresh, or not to refresh?  This is the dilemma that many companies are facing.  In an effort to reduce IT budgets, companies are cutting back on new purchases, and corporate laptop fleets are a target.  Analysts estimate that maintaining a modest fleet of just 50 corporate laptops can cost a company thousands per laptop, per year in licensing, maintenance and support, on top of the initial purchase price. 


With this in mind, it’s not surprising that many organisations are considering giving their employees a one-off allowance to buy their own laptop for both business and personal use, rather than invest in a fleet of new corporate laptops.


Benefits of bring-your-own


Giving workers a stipend allows companies to remove the laptops and some of their associated costs from their books.  And allowing employees to choose their own preferred laptop can be seen as an incentive to help keep staff motivated.


Yet, while this option is certainly attractive from a financial and practical viewpoint, it also raises another issue:  security.  Businesses sacrifice rigorous, uniform control and protection of networks, devices and data. 


Security drawbacks


Let’s look more closely into the potential security issues.  If employees use their personal laptops for work, businesses will need to ensure secure remote access to the office network from a large variety of different machines.  Which VPN method and VPN client should they choose?  What disk, data and device encryption software should they deploy?  And how can they ensure security compliance on each endpoint?


Meeting these requirements is expensive and complex in terms of management, and could end up counteracting the potential savings and benefits gained by the organisation from offering personal laptop allowances. 


What companies need is a different approach to endpoint security that combines data encryption, session virtualisation and secure VPN connectivity on a simple, plug-in device – like a USB drive for instance.  This could give a solution that delivers data and device protection across a range of different endpoints, that’s also easier and cheaper to manage than a laptop fleet.


Plug-in security


A new generation of USB drives is now available, integrating both VPN connectivity for secure remote access, and automated hardware encryption to secure all stored data against accidental loss or theft.  These devices are also centrally-managed so that corporate policies can be applied and drives re-provisioned if lost.


This transforms what were portable ‘storage-only’ thumb drives into fully-secure solutions for remote connectivity.  For the company, the support and management overhead is far lower than for a managed laptop. In addition, using such device removes the headache of controlling a large number of endpoints, while delivering large-scale secure remote access, and keeping confidential data secure.


Virtual workspaces


From the employees’ perspective, the ideal endpoint solution would just ‘clone’ their office computer and deliver it on their home computer.  All users would have to do is simply insert the device in their home PC or laptop, type in their passwords and start working as if they were in their regular office environment. 


For the duration of the session, the host PC transforms into a virtual office workspace and a trusted endpoint, with a secure VPN connection for accessing the corporate network.  The virtual workspace segregates data from the host PC, while controlling applications and file transfers.  When the user ends the session, the virtual workstation disappears without a trace.  Both the local data and the corporate network’s integrity are protected from malware, hacking attempts and data theft. 


Assessing the benefits


A secure virtual workspace solution of this type would enable businesses to overcome the cost and complexity that they usually experience when delivering uniformly secure, remote access to the corporate network from a variety of employee-owned laptops.  So it is possible to make the business, personal – and vice versa.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com