A number of years ago, I read Howard Schultz’s book “Pour Your Heart Into It: How Starbucks Built a Company One Cup at a Time”. One interesting aspect of it described how Schultz saw the coffee shop as something more than just a store for selling products, but rather a social experiment. Schultz theorized that besides the office and home, people need a “Third Place” that they can call their own and spend time, and he modeled the design of Starbucks to fill that need. The stores provide the comforts of home (with cozy chairs and pleasant lighting), the dynamic mix of seeing people both familiar and new, and the network connectivity to link coffee drinkers to the office.
Mobility means that people are doing work in their first, second and third “place”, but that’s not all. There’s mobile users accessing networks wherever they go, such as on the bus, at the book store, or in a remote hotel room. Employees want to work anywhere, and because connectivity plays such an important role, just what measures would an employee take to get a signal?
Computerworld UK just published an article with some very interesting statistics. A survey asked mobile workers about their work habits, and when the respondents were asked what lengths they would go to get connectivity when away from the office, the results indicated some extreme measures:
“Most mobile workers say they will do anything possible to get an internet connection, with almost a third hijacking unsecure networks and another third actually driving around in their car in a desperate search for free Wi-Fi.
For the network security professional, the office network is by far the most secure out of the “first, second or third” place. Outside of the office, it’s open game on just how much security and privacy you get, and it’s typically going to be on the order of little to none. It turns out the majority of mobile employees are using any network they can find, as long as they can connect. At best, by definition, any open access point is inherently insecure, and the user typically doesn’t get any additional protection without initiating a VPN connection.
In the past, the concept of remote access was to provide a temporary connection to get access to corporate resources outside of the office. Since the user was typically connecting from a relatively safe location, not much attention was given to the risks the endpoint faced. Today, the endpoint is most certainly placed in risky situations, and the only way to maintain protection for the network traffic and the state of the endpoint is to keep it connected to the enterprise network and not on a temporary basis.
That’s the principle behind GlobalProtect, which links together mobile endpoint to the next-generation firewall. GlobalProtect can maintain a persistent connection to the corporate network, ensuring that all of the protections afforded by the corporate firewall remain in place even as employees promiscuously connect to open access points. It’s a concept that we call the logical perimeter, one that encircles the user as they move about, and follows them wherever they go. To find out more, read about GlobalProtect. In the meantime, please tell your employees to stop driving around looking for a WiFi connection. It’s just not a practical or safe thing to do. And besides, there’s an app for that.