Related Links

Top 5 Stories


Securing a Very Mobile Board - Automatic Backup of Laptops

26 October 2009
Steve Gold

As mobile working proliferates, boardroom staff is hitting the road with their laptops. Largely unconcerned with backing up their all important data, IT managers back in the office need to automate and secure this process. Steve Gold looks at how to secure a very mobile Board

Whilst middle-ranking managers in most North American corporates have the time and resources to get to grips with online backup systems and allied IT security technologies, board level managers and their peers are not paid to understand the technology - they are paid to manage the strategy of their businesses.

With mobile broadband and public access WiFi rapidly becoming the norm for most cities across North America, senior managers - including board level management - are now relying on their laptops more than ever before.

"Very senior staff need an automated backup solution for the simple reason that they tend not to be interested in backing up their laptop's data themselves."

How though, are their IT managers back at the office coping with automating the process of backing up and supporting secure access to the company’s computer resources?

Thankfully for most IT managers, a growing number of vendors are now actively supporting this segment of the backup and IT security market, with a variety of backup products that operate transparently and reliably in the background.

Put simply, this means a senior executive with a salary in the upper echelons of six figures - and beyond - can use their laptop without worry that their data will be lost if the computer is lost or stolen.

Whilst mobile authentication offerings have never been more plentiful, there is still the problem of how to engineer the laptops of these senior executives to backup their data automatically on a regular and reliable basis.

An Unusual Target Market

Based in Columbus, Ohio, 3X Systems offers its remote backup technologies to SMBs. The majority of industry majors, however, compete for corporate business in the remote IT security stakes.

According to Alan Arman, CEO of 3X Systems, this approach translates into a single one-off capital payment for a 3X Backup System - starting from US$2500 for an appliance with twin drives for failover resilience - and giving SMBs a portable, all-in-one device that can be purchased by the end customer or their IT services provider.

"Using our technology means that SMBs have access to reliable, offsite backup for all their servers, desktops, and laptops, with the ability to restore a computer to all its past image versions remotely", he tells Infosecurity.

"The bottom line is that our customers are starting to focus on vritual appliance technology as the security that a cloud-based system can offer is a lot more cost-effective."
Danny Kim

And if the client is not interested in making a capital purchase, 3X Systems’ can also supply a backup service provider offering on a pay-as-you-use basis.

According to Arman, education on IT security and backup topics remains a key issue for mobile staff, whether senior or not.

3X Systems’ provides high levels of technical support, which is needed by senior management who do not want to waste their time learning how IT systems work. Arman says that, in his experience, board level management have widely varying levels of expertise.

"Regardless of their level of expertise, however, it's our job to provide a very timely level of IT and security support for senior staff that spend a lot of time in the field", he says.

Regardless of whether senior staff are on the road or in the office, he adds, they should always synchronize their data on a daily - if not more frequent - basis.

Even with the fastest mobile broadband service now available, he said, the traditional approach of synchronizing a laptop with an office server takes a lot of bandwidth.

"Even for corporates on a bundled deal, this can work out as an expensive option, especially if international travel is involved. Our technology's approach is to examine what files or parts of files have changed since the last update and then transfer the updated data to the remote system", he says.

"This approach minimizes the data transferred and also means that the data can quickly be transferred to a new laptop if the worst happens and a machine is lost or stolen", he adds.

According to Arman, even on an initial backup of a laptop with 80GB of data, the data can be backed up in around 20 minutes. After that, subsequent backups take just a few minutes daily.

Arman tells Infosecurity that very senior staff need an automated backup solution for the simple reason that they tend not to be interested in backing up their laptop's data themselves.

"USB sticks have their place, but they themselves can be a security risk for a company. At the end of the day, online backup is the best - and safest - option, providing you can keep the costs of moving the data to a minimum", he explains.

Pay As You Use

According to Piero DePaoli, director of global product marketing for iPass, the company's strategy of supporting authenticated and encrypted access to company IT resources - with the data stored on the businesses' central systems - avoids the need for any initial outlay.

"What matters is that the data call progresses quickly and efficiently, without the user being concerned with logon specifics."
Piero DePaoli

Since its formation in 1996, iPass' strategy has been to offer the widest possible methods of access to the internet and company resources - via a high security VPN - across dial-up modem, mobile data (2G) and mobile broadband (3G) connections, along with WiFi and any other facilities the client requires.

"Our iPass Connect software is designed to be completed transparent to the authentication and encryption solutions being used by corporates. We work closely with security vendors like Check Point, McAfee and Trend Micro to help ensure that, no matter what communications platform is being used, the relevant IT security systems work transparently and completely in the background", DePaoli says.

"Thanks to this transparent approach, we now provide mobile executive access via 130 000 access points in 95 countries, 3G facilities in nine countries and dial-up modem access in 160-plus countries", he adds.

According to DePaoli, corporate users make extensive use of IT security technologies when using the remote access facilities offered by iPass and its partner networks.

"These include Cisco VPN, Trend AntiVirus and Check Point's authentication plus many other IT security systems. If a client comes up with a solution we don't support, then we give consideration to including support in the iPass Connect software," he explains.

Interestingly, while most remote access technologies authenticate with the IT resources of the enterprise concerned, iPass' strategy is to install the authentication appliance in its network centers.

This means, says DePaoli, that as a user's data call comes into the iPass network, their IP connection is authenticated at the nearest iPass centre and, only when the authentication process has been completed, is the encrypted IP data stream handed on to the company's IT network.

Despite the need for multiple levels of logging in, iPass ensures that - as far as the user is concerned - only a single automated logon procedure is required.

"Basically, we hide all the complexities of the login procedure from the user. The network topology doesn't matter. What matters is that the data call progresses quickly and efficiently, without the user being concerned with logon specifics", he explains.

The Cloud Approach

Over at Boston-based FullArmor, meanwhile, chief technology officer Danny Kim says that a traditional appliance-based approach to mobile remote access is no longer the best option for many companies.

"The biggest problem with appliances is that they take a lot of control on the part of the IT staff."

Nor, he argues, is a complete remote access solution − such as that offered by iPass − always suitable.

"Our approach is to go for an in-the-cloud remote backup solution, as this allows near anywhere/anytime access to the data, as and when the senior executive wants it", he says.

"The biggest problem with appliances is that they take a lot of control on the part of the IT staff", he adds.

Interestingly, largely as a result of the economic downturn, Kim told Infosecurity that many more companies are starting to move over to a cloud-based IT backup solution, simply because the economics make a lot of sense for most users.

Kim says that many of the driving forces behind companies moving to cloud-based remote backup technologies are coming from developing nations, who have none of the security preconceptions that Western companies do.

As a result, many Western companies are watching what is happening in the developing countries, such as India, and realizing that they too can reap the economic benefits of cloud-based backup solutions.

"The bottom line is that our customers are starting to focus on virtual appliance technology because the security that a cloud-based system can offer is a lot more cost-effective", he argues.

So where does Kim see the future of cloud-based security and backup technologies coming from?

"It's important to realise that, whilst traditional appliance-based security and backup systems have their place, cloud technology offer a true pay-as-you-use solution", he says.

"Virtual appliances are not that different (to physical servers). They have the same specifications. The difference is that the appliances are located at a different geographical point and, since the resources are shared with other users, the costs involved are a lot more beneficial for the user," he adds.

Once users get over the hurdle of using the technology remotely, they become converts, Kim insists.

"Even when the economy returns to normal, I fully expect companies to stay with cloud-based backup solutions. Yes, people are resistant to change. But when they change, they stay with the cloud" he concludes.

This article is featured in:
Compliance and Policy  •  Data Loss  •  Encryption  •  Internet and Network Security  •  Wireless and Mobile Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×