It’s a time where speed matters more than ever before. Businesses need to run at such a rapid pace that at times it has to take security risks that can cause all kinds of havoc to a communications network. That’s especially true when you consider what happens when people travel. The data and information is a bit more vulnerable, creating a “mobile blindspot,” that has to be monitored. This brief from Qwest explores five real-world tactics that you can use to enhance mobile security in your organization so you can avoid those mobile blind spots and keep your organization moving at that ever quickening pace.

1. Avoid the Mobile bliNd Spot: Five
ReAl-WoRld tACtiCS to pRoteCt YouR
eNteRpRiSe NetWoRkS
Suppor t your 24/7 workforce with safe and flexible remote access.
ExEcutivE OvErviEw — tactics EnablE flExibility and prOtEctiOn fOr
a prOductivE wOrkfOrcE
Today’s successful businesses run at the speed of light, requiring According to an IDG Research
employees and corporate assets to be available and accessible 24 Services survey conducted in
by 7. Enterprises need to find a way to allow rapid, flexible access 2008, 81% of responding CIOs
while protecting themselves from serious risk. When employees reported being concerned about
travel with corporate data on laptops and other portable devices it reputation, while 79% were
becomes increasingly harder to manage, and control such data, or worried about legal consequences
even know if it’s being protected, thereby creating a “mobile blind of a security breach.
spot” that has the potential to wreak havoc on your corporate
communications network.
Identifying key mobile blind spots and taking steps to protect data in transit is critical to protecting your
business. This paper outlines five real-world tactics that you can use to enhance mobile security in your
organization. These tactics will help provide your workforce with the flexibility it needs to be productive
anywhere, anytime, while protecting valuable corporate assets and the enterprise network against imminent
security breaches and risk in an expanding mobile world.
bEwarE Of thE mObilE blind spOt — significant risk at stakE
Increasing busy lifestyles mean that employees must have the flexibility to work remotely to stay productive. However, such
flexibility requires remote access over often unsecured Internet connections. Employees log on at WiFi hotspots in coffee
shops, airports, hotels, remote offices, client offices and from home. They access corporate networks over laptops, smart
phones, and other portable wireless devices. Although this trend toward mobility can improve productivity, it also puts
corporate networks at significant risk.
When employees work remotely from wireless devices, they create a mobile blind spot. Simply put, corporate IT
departments cannot monitor what’s happening on those mobile assets once they log off the network. They cannot
guarantee the security of the corporate data on those devices, and they lose visibility into who is accessing corporate
data or, even worse, who might have access to the corporate network from those devices. A lost laptop with confidential
information or network passwords could cost a company millions in data loss, network downtime, stolen information, legal
costs and reputation.
By enabling employees to work remotely, IT departments have moved the datacenter to a collection of mobile devices
that travel to the dinner table, the coffee shop or little league field. The LAN is no longer the prevailing IT architecture for
conducting business in the 21st century. The Internet is now the corporate network. The question is how do you adopt
this more productive, more flexible way of working while keeping corporate assets secure?
Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 1
All marks are the property of the respective company. September 2009. WP101111 1/10

2. This question keeps CIOs up at night. According to an IDG Research Services survey conducted in 2008, 81% of
respondents reported being concerned about their reputation, while 79% were worried about legal consequences of a
security breach. Roughly 74% were concerned about losing critical data, while 58% listed compliance as a major concern.
Validation for these concerns is only going to increase. More and more hackers are trying to siphon proprietary data off of
corporate networks because it is a lucrative albeit illegal business. A balance must be created between maximizing employee
productivity and preventing security breeches that can be devastating to the company whose network is infiltrated.
fivE ways tO rEducE risk in a mObilE wOrkfOrcE and incrEasE EfficiEnciEs
Hosted services are being adopted quickly by companies interested in providing worker flexibility, increasing productivity
and maintaining high levels of security. With proper planning, it’s possible to replicate the security characteristics of a LAN
through a cloud-based, hosted computing model, where dynamically scalable and often virtualized resources—applications
and services—can be accessed and used over the Internet. Through this hosted model, companies can employ key tactics
that help minimize the mobile blind spot and increase work efficiencies. These five tactics include:
1. Ensuring visibility through continuous network monitoring.
2. Protecting business end points from theft and infiltration.
3. Safeguarding data at rest and in transit with encryption technologies.
4. Tying access to directories, identities and roles.
5. Enforcing productivity by extending office resources to employees working anywhere.
Ensuring visibility with continuous monitoring — tracking Esssentials increases productivity
No insight equals no awareness. If you’re not aware of what’s going on in your network, your data could be at risk. An IT
operations tool that can provide visibility to all corporate assets, including laptops, USB drives, phones and other portable
devices is essential to preventing breaches. Such a tool provides a single pane of glass through which IT staff can monitor
all mobile devices carrying corporate data and helps enforce policies based on visibility; in other words, if the IT department
can’t track activity on a device, access over the corporate network will be denied.
Monitoring services help reduce risk by enforcing devices are in compliance with corporate security policies, and by
identifying devices that are out of compliance. They determine whether or not devices are running the right versions of the
right software with the appropriate access rights. The service should also provide reporting on failed compliance and be able
to take actions to remediate the issue.
Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 2
All marks are the property of the respective company. September 2009. WP101111 1/10

3. Some monitoring services provide a dashboard from which administrators can easily check policy compliance on all devices
connected to the network to assist with remediation. For example, an administrator can glance at the dashboard and
see that an executive is attempting an important task but can’t complete the task because his device is lacking a particular
software update necessary for compliance. Because he has this visibility, the administrator can immediately address the
problem and help the executive complete his task. In this way, monitoring tools help increase productivity and ensure
business continuity.
protecting business Endpoints — requirements for compliance
A second tactic to improving mobile security is to protect and update business endpoints—that is, mobile computers and
any other device used to access corporate data. This is critical, even when the endpoint is not connected to the LAN.
Users can connect to the Internet and unintentionally download viruses and worms that can infect the machine, which
can in turn transfer the virus or worm to the corporate network once connected. Protection from startup to shutdown,
anywhere the device is used, is necessary. All devices should have all the security controls in place, including encryption
solutions and passwords, to be in compliance, both on or off the network.
In the cloud, a hosted platform can provide monitoring to enforce policies and remediate out-of-date software on all non-
compliant end points, or block non-compliant endpoints from connecting to the corporate network. These hosted services
can speak to remote devices, gather compliance information and report back to the corporate network, displaying the
results on the administrator’s dashboard. This capability helps narrow the mobile blind spot significantly.
Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 3
All marks are the property of the respective company. September 2009. WP101111 1/10

4. safeguard your business — maintaining your company reputation
With so many mobile workers, businesses cannot ignore the potential for loss or theft of corporate assets. What happens
when an employee stops somewhere on the way home, leaves his computer in his car, and someone breaks into the car
and steals it? Now, any sensitive data on the machine is vulnerable and in the hands of unauthorized people.
Data protection is particularly important to a company’s reputation. You want to make sure your customers know they
can trust you will keep their information secure.
Encryption technologies are the most common way to protect data at rest. Companies should employ hard drive
encryption solutions that make all data invisible to thieves. Data leak prevention for data in motion prevents the leakage of
sensitive data by inspecting the content of files based on set policies and taking appropriate action.
tie access to directories, identities and roles — protected access of corporate resources
Most companies allow teleworking for a number or reasons. Teleworking supports green initiatives and offers employees
the flexibility to work anywhere and thus be more productive. But is there a better solution for enabling remote working
than buying, distributing and managing large laptop inventories?
One way to minimize hardware costs is to leverage home computers that most workers already have. Companies
can provide access to corporate resources via USB drives and mobile keys, for example. Remote workers can sign on
remotely by entering credentials using any personal computer, and have a desktop view of their work PCs at home. With
single sign-on, employees gain remote access to corporate resources, without having to physically take a laptop out of
the office. This eliminates the risk of losing data through device theft or loss. Policies can be layered onto this model to
prevent copying and pasting information from work desktops to personal devices, as well.
minimize non-productive activity — Enforce policy with controls
Although teleworking can increase productivity by extending office resources to anywhere employees are, it’s important
to enforce that employees are indeed working when they are not in the office. In a down economy, acquisition decisions
weigh in productivity statistics heavily. Despite the demand for mobility in the workforce, unsupervised employees can be
easily distracted by personal business, such as email, web surfing and instant messaging.
To prevent lost productivity that can result from an increasingly mobile workforce, put policies in place and then enforce
them through specified controls:
• Establish a percentage of personal to business activities that remote workers should strive to achieve—75% may be a
good goal.
• Standardize on a single platform and limit ability for use of that platform outside company boundaries. For example,
you can place a gateway in the network to archive all conversations between employees.
• Notify employees that IM conversations are monitored and that logs are stored for managerial review.
• Require manager approval for external messaging access.
• Use software controls to restrict employees to using a company-wide platform only, and turn on the monitoring
function.
• Collect usage stats and generate reports to support disciplinary action.
Keep in mind that even if you tell your employees you’re monitoring their usage, the reality is no one has time to actually
go through all the logs. Send an email to every manager with a link to a log file of instant message files for each of their
reports. Suggest that managers review those links once a year..
Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 4
All marks are the property of the respective company. September 2009. WP101111 1/10

5. thE pEOplE and prOductivity havE lEft thE building — yOur sErvicE prOvidEr
can hElp
The truth is, business don’t have mobile and non-mobile workers anymore; every worker is mobile at some point. A
workforce that has the flexibility to be creative and the freedom to lead balanced lives will be more content and loyal,
and capable of moving the company forward. However, cyber crime is a recession-proof industry, and as the number of
incidents continues to increase, so do security and compliance requirements for mitigating risk. Implementing the right
policies and tactics will help you reap the benefits of mobility, without the risk. Companies that let the goal of preserving
brand integrity guide their budgetary decisions develop strategies that make sense and make the most of the dollars in
their budget. Here are a few things to keep in mind:
• Objectively assess the number of mobile devices in your network and create a realistic security budget line item.
• Identify key risk areas of your business—and determine what tactics make the most sense. What are the cost savings
and impact to your business in terms of reputation, stock price, valuation and risk prevention?
• Choose a provider who will work with you to consolidate architectures and provide an integrated approach.
• Stay in touch with your service provider and stay abreast of the tools available to you to help reduce risk and
eliminate the mobile blind spots.
CoNNeCt. SiMpliFY. eNhANCe. ®
with Qwest Business Solutions®
Qwest is focused on helping you work smarter, with services that leverage the latest technology and award-winning support.
Here are a few solutions that can address the issues covered in this solutions brief:
QwEst mObility™
Qwest Mobility lets you expand your business with a reliable, managed mobility solution. Qwest Mobility simplifies the
management of security features and company policy for desktop and laptop users, whether traveling for business, working from
home, at the office or temporarily assigned to non-office locations. This is an ideal service for customers needing a solution that
seamlessly integrates all necessary components for endpoint enforcement, remediation, VPN client integration, disk encryption
and data leak protection.
managEd sEcurity sErvicEs
With Managed Security Services, Qwest can administer and monitor your network on your behalf while you concentrate on
other mission-critical elements of your business. Let Qwest allow you to focus on what’s important—your business. And, save
you time and money through the use of our expert tools, skills, and processes to improve system uptime and performance,
optimize security investments, improve employee productivity, and demonstrate compliance. Tools such as Qwest Anti-Virus/
Anti-Spam, Qwest Web Defense, and Qwest Managed Firewall create layers of protection to help reduce the costs and
complexity associated with managing security while preventing the impact of security threats.
why QwEst
Qwest delivers reliable, scalable data and voice networking solutions, across one of the U.S. largest fiber footprints.
Qwest serves businesses of all sizes, ranging from small business to 95 percent of Fortune 500 companies, with industry-
leading SLAs and world-class customer service.
lEarn mOrE
For more information about Qwest voice and data services for large businesses, visit www.qwest.com/business or call
(877) 816-8553 to speak to a Qwest representative.
Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 5
All marks are the property of the respective company. September 2009. WP101111 1/10