Ng continued by describing Cisco's BYOD smart solution that is built on the Cisco SecureX architecture. "From Cisco's perspective, securing the endpoints lies with third party vendors. At the network level, there is visibility for context-aware enforcement in areas like user logins, time stamp, location, device identification, and so on. These make up the context-aware access policies," he said.
One key advantage of Cisco's approach is its unified access—whether through wired, wireless or VPN connection—into one single architecture, regardless of where the network access is coming from. Coupled with a centralised policy management that is driven by Cisco's Identity Services Engine (ICE), one can attain a simplified policy management for the entire enterprise.
Ng spent some time to answer a question from the floor, regarding how a typical BYOD policy is implemented locally. Ng said that it's important to start by asking what key issues need to be address. "Provisioning is key, as there are a lot of processes involved," he said.
Rise of Hacktivism
Sumit Bansal, Director of Sales for ASEAN at Sophos, gave a different perspective to the security scene by talking about the types of threats that are affecting not just the network but also the business landscape. The world is increasingly interconnected, he said, now that there are multitude of mobile devices available to stay in touch in a globally networked world.
Photo: Sumit Bansal
This "connectedness" has given rise to new opportunities brought about by Big Data, as well as new threats from hackers and cybercriminals who have taken advantage of lapses in security measures. "Social media like Facebook has seen phenomenal growth in the number of users creating, consuming and sharing information," he said. "Big data is all about people. As more people become connected, so are the opportunities for exploits."
Technology may be wonderful to use, but often, users couldn't care more of the dangers lurking such as information loss or theft. Bansal quoted the example of popular cloud-based Dropbox storage website which was hacked four times last year. At the other end of the spectrum is legislation such as the US Patriot law that empowers the government to look at private data if necessary, in the name of protecting national security.
More worrying is the availability of hacking tools and malware online, sold by propagators using an SaaS model. For example, "Blackhole" is a software service that offers any OS-specific targeting, and the hackers will try to find an exploit, and then home in to install malware or an exploit to steal information. Another is the so-called "ransomware" that, once activated, cut off access to information by locking it down, unless a ransom is paid.
Sign up for CIO Asia eNewsletters.