Securing PCs in the Wild:
Endpoint Policy Management brings security
and productivity to nomadic employees.

Where the Wild Things Are

Computing in the wild is risky business. Spyware, viruses, worms and other productivity-killing malware lurk throughout the Internet, ready to infect your employees' mobile systems. Without a way to quickly provide security updates to these mobile devices, this looming threat becomes a very real nightmare as mobile workers reattach to the corporate network and infect your enterprise.

"It's not only the next virus or worm that keeps the IT manager sleepless at night, but also how to disseminate the remedy quickly across the entire user base in order to prevent or minimize damage," states Eric Paulak, vice president and research director for Gartner. "There is a definitive need in the market for a solution that would give IT departments both the ability to force users into compliance at the time of connections, as well as actively monitor the compliance status of their enterprise user base."

Shooting Down Viruses without Killing Productivity

Endpoint security is a moving target. New viruses and worms pop up regularly and you do your best to shoot them down by deploying new OS patches and anti-virus updates. With any luck, you stay one step ahead of the game. Then, a well-meaning mobile user attaches to the network and re-infects the enterprise.

Traveling employees, day extenders, telecommuters and windshield warriors must remain productive and responsive to customer needs. So restricting mobile users from attaching to the network isn't a viable option. Yet, as many companies have discovered, a well-meaning employee can bring business operations to a grinding halt if they access enterprise resources prior to receiving the latest security updates and OS patches. The financial impact of out-of-compliance mobile systems can be devastating. It's estimated that MyDoom, Sasser and NetSky have cost businesses $11 Billion in cleanup expenses and lost productivity in 2004 alone.

Introducing Endpoint Policy Management™

Fortunately, there's Endpoint Policy Management from iPass. This valuable extension to the iPass Corporate Access™ service automates security policy management, enforcement and remediation for endpoint devices-protecting mobile users anytime they connect to the Internet.

Endpoint Policy Management streamlines and automates patch management for Microsoft Windows® operating system (OS) and antivirus updates. This iPass-hosted service allows your IT staff to quickly control and customize your policies using a secure Web console.

Continuous, Automated Assessment. Endpoint Policy Management performs an immediate inventory of the software installed on your endpoint devices, including Windows OS configurations and antivirus software. It then promptly runs a security assessment without requiring user interaction.

Automated Remediation. After assessing the endpoint device, Endpoint Policy Management installs new Microsoft OS patches and anti-virus definition files based on your security policies and priority levels. It relies on your professional assessment of which updates are critical or non-critical.

Verification and VPN Launch. Endpoint Policy Management reports back to the iPassConnect. universal client on the endpoint's remediation status and only allows a VPN to be launched once remediation is completed.

Automated Patch Management. Endpoint Policy Management simplifies the ongoing task of administering Microsoft OS patches. Each time an OS patch is released from Microsoft, it becomes directly available through the Endpoint Policy Management Web console.