StealthWatch for Mobile Device Security
According to data from Aberdeen, 75 percent of companies allow employee-owned smartphones and/or tablets to be used at work.1 Meanwhile, Gartner predicted that this number would rise to 90 percent by 2014.2 The bring-your-own-device (BYOD) movement has significant productivity, convenience and cost benefits, but it is leading to serious challenges for IT administrators.
Over half of all IT leaders in the U.S. said that employee-owned mobile devices pose a greater risk to the enterprise than mobile devices supplied by the company. Yet 27 percent still believe that the benefits of employees using personal devices outweigh the risks.3 To balance out these risks and benefits, organizations must adopt a more effective mobile security strategy.
StealthWatch Minimizes Mobile Security Threats
In the wake of IT consumerization and BYOD, the network perimeter has vanished. Today’s enterprises require a more effective and efficient means of monitoring and controlling users’ access to the network and sensitive resources. Unfortunately, mobile users often circumvent corporate security policies and safeguards, and it is too cumbersome – and often impossible – to install and manage security software on every new device.
Lancope’s StealthWatch® System solves this problem by delivering in-depth internal security monitoring that proactively detects issues stemming from any device on the network, without having to install additional software or deploy expensive probes. Instead, StealthWatch takes a unique approach by analyzing mobile device information collected from existing network infrastructure. StealthWatch can detect and alarm on anomalous behavior originating from users’ personal smartphones, tablets or laptops, and the inspection points can be close to the devices themselves rather than just at the perimeter of the network, providing more reliable protection.
StealthWatch unifies security and network performance monitoring to provide end-to-end visibility for dramatically improved network troubleshooting and risk posture. By conducting sophisticated behavioral analysis on flow data from existing infrastructure, the system cost-effectively enhances network security and performance across physical, virtual and mobile environments.
Traditional threat detection mechanisms such as probe devices, antivirus and IDS/IPS quickly become cost prohibitive, ineffective and unfeasible within a BYOD environment. Unlike these other technologies, StealthWatch provides a complete picture of everything happening on the network, enabling organizations to quickly and easily uncover both externally-launched, zero-day attacks, and internal threats such as network misuse, policy violations, data leakage and device misconfigurations – regardless of the device being used.
Advanced features including application and identity awareness, as well as automatic threat prioritization and mitigation, further enhance troubleshooting and support other efforts such as forensic investigations.
In addition to providing comprehensive mobile security, StealthWatch can help ensure high levels of performance for mobile users by quickly assessing issues that may be causing a slowdown. Overall, StealthWatch delivers the situational awareness and actionable intelligence needed to maintain high levels of security and performance amidst a constantly-evolving network and mobile environment.
Extending Mobile Security with Cisco’s ISE
Cisco’s Identity Services Engine (ISE) is a next-generation network admission control system that provides customized access to corporate resources based on user/endpoint identity. The ISE authenticates users and denies or authorizes user access to corporate resources based on a wide range of identifying features including device type, security posture, physical location, and much more.
Through integration with the ISE, StealthWatch incorporates this device and identity data from Cisco into its overall view of network activity, further advancing its ability to provide comprehensive security no matter what device is connected to the network. Likewise, Cisco ISE users can expand their mobile security strategy by leveraging StealthWatch to continuously monitor user behavior on the network.