Feeds

Taking note of notebooks

Get a handle on remote assets

  • alert
  • submit to reddit

SANS - Survey on application security programs

Few organisations today have exempted themselves from the rapid increase in the use of mobile computing tools, be they laptops, netbooks or handheld devices. There is no doubt that their use can deliver tangible business benefits. Equally, they can help employees better tailor their work-life balance, which is to their benefit and the organisations they work forn

Laptops also present management and support challenges. As mentioned in an earlier article it is by no means unusual for users to regard their laptops as their own, rather than something which the company has provided to achieve business goals.

Even in the world of the desktop PC one of the greatest challenges for IT support staff is dealing with the tendency of users to reconfigure their machines, install their own software, connect up their own peripherals, etc with scant regard to factors such as software licensing and corporate standards. This propensity is exacerbated with laptops and other mobile devices, which may be used in private lives as well as business operations.

And then there is the ever-present question of ‘security’. Clearly any device that spends any time outside of the (presumably locked and secured) office environment will face an additional range of risks. Amongst these is the decidedly non-trivial factor that PCs are highly portable and thus relatively obvious targets for theft, never mind accidental loss. With such clear and present dangers, there is a need for great care to be exercised in the operational management and security of mobile devices.

Indeed, there is a strong case for the use of effective remote asset discovery and operational management tools to help ensure the security, compliance and reliability of mobile devices. As a starting point, an asset management tool can be deployed to gather a wide range of hardware and software inventory information.

Such information gives the IT manager and support staff a picture of what applications and data are being accessed by remote users, and from what devices. In addition it can provide information regarding the state of patching of operating systems and business applications, potentially highlighting devices where the user needs be ‘encouraged’ to update the software stack, a task that is considerably easier for office based systems than remote laptops.

Beyond this, such asset / inventory information can also highlight users loading software onto a corporate laptop for which the company does not hold a central license, potentially exposing both the user and the directors of the company to legal risk. Similarly, it is by no means unknown for untested software installations to adversely affect the operation of standard business applications, although this issue is no longer quite the nightmare that once it was (let us know if you disagree). With asset management tools in place, forewarned can mean forearmed.

Once IT knows what portable machines it has in its inventory, it can start to manage them in a more proactive fashion. With such knowledge it becomes possible to organise resources so that each user is supplied with the facilities and services they need to do the job in hand. Which brings us to supporting the things.

Given that devices such as laptops that are, by definition, inherently mobile it is understandable that remote management / remote control software tools have a major role to play – particularly in the deployment of software and the ongoing maintenance of the machines, not to mention responding to support calls which we shall be covering in a subsequent article.

The issues looking after laptops, especially those that really do move around, increase drastically compared to desktops (which weren't that easy to manage in the first place). Mobile user support is becoming better understood, and some of the more recent new remote control offerings work in tandem with asset management / inventory knowledge banks to help smooth out service problems.

The capability to 'see' a machine, and then reconfigure it to a known state, without being dependent on asking a user over the phone to take steps X, Y and Z can significantly reduce the frustrations experienced by both sides. Such tools can turn what might otherwise have been a 45-minute call into a 10-minute operation, increasing both productivity and satisfaction all-round.

But beware – unless users understand the boundaries of 'acceptable use' as defined by the organisation, problems will arise. The personal factors can only be adequately tackled by creating usage policies to which the business and IT agree and which, more importantly, mobile users understand and agree to follow. We'd be interested in understanding your own experiences here – is the idea of a well-managed pool of remote IT just a pipe dream, and does it ultimately depend on the right policies in general, or any good behaviours in particular? Do let us know.

Combat fraud and increase customer satisfaction

More from The Register

next story
Reg man builds smart home rig, gains SUPREME CONTROL of DOMAIN – Pics
LightwaveRF and Arduino: Bright ideas for dim DIYers
Leaked pics show EMBIGGENED iPhone 6 screen
Fat-fingered fanbois rejoice over Chinternet snaps
Apple patent LOCKS drivers out of their OWN PHONES
I'm sorry Dave, I'm afraid I can't let you text that
Microsoft signs Motorola to Android patent pact – no, not THAT Motorola
The part that Google never got will play ball with Redmond
Slip your finger in this ring and unlock your backdoor, phone, etc
Take a look at this new NFC jewellery – why, what were you thinking of?
Happy 25th birthday, Game Boy!
Monochrome handset ushered in modern mobile gaming era
Rounded corners? Pah! Amazon's '3D phone has eye-tracking tech'
Now THAT'S what we call a proper new feature
US mobile firms cave on kill switch, agree to install anti-theft code
Slow and kludgy rollout will protect corporate profits
prev story

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.