Need Help?

Huawei's BYOD Security Protects Leading Bank

12/25/2013 2:35:31 PM

Introduction

China Minsheng Banking Corp., Ltd. (CMBC), established in January 1996 in Beijing, is China's first national joint-stock commercial bank, with investments mainly from non-state-owned enterprises. As a pilot program of China's banking reform, CMBC has made proactive contributions to the reform and innovation of the Chinese banking industry. It has forged ahead with efforts to explore business opportunities, expand its assets, improve its profitability, and maintain rapid and healthy growth. The pervasive use of smart devices and the fast growth of mobile communications around the world have prompted CMBC's IT department to deploy a variety of mobile services, including mobile marketing, the mobile office, and mobile operations, in order to provide better services to its customers.

Challenges

CMBC plans to adopt the Bring Your Own Device (BYOD) work style for ordinary, non-confidential office matters to improve office efficiency and enable employees to use their own devices anywhere, anytime for the following:

  • Send and receive emails
  • Be notified of to-do tasks
  • Access Office Automation (OA) systems
  • Submit and approve to-do tasks
  • Conduct instant communication (including instant messaging, voice communication, and video and data conferencing).
  • Log in to employee forums, and conduct mobile marketing

Apart from BYOD devices, CMBC also intends to offer company-issued devices that have more customizable security features than BYOD devices. Using company-issued devices enables employees to access mobile applications that are inaccessible through BYOD devices, and also helps to better demonstrate the company's brand image during sales calls.

The use of company-issued devices will help:

  • Increase the flexibility of mobile office work, without violating the company's security regulations
  • In addition to BYOD working, employees can remotely access PC desktops or desktop clouds as well as key enterprise applications from the company-issued devices.

  • Enhance the level of professionalism in marketing
  • Company-issued devices use standard configurations and utilize consistent policies. These devices help CMBC fully demonstrate the company's position as a pioneering innovator in mobility.

Both BYOD and company-issued devices use 3G, 4G, and WiFi as transmission channels to securely access the company's internal networks. However, to ensure secure access, CMBC faces many challenges:

  • Untrusted device access:
  • Before they can be used, devices must be verified with a series of authentication and security inspection measures. If such measures are absent, unauthorized or virus-infected devices may directly access the internal networks, posing great security threats. Possible threats include unlawful user access, user intrusions, as well as virus and Trojan horse attacks.

  • Untrusted network transmission:
  • When employees work outdoors at public locations, they may use public WiFi hotspots that have security risks such as fake access points, spoofing, and sniffing. Hackers may lure or maliciously monitor employees' Internet access in an attempt to steal employee accounts or intercept confidential corporate data.

  • New, unlawful attack sources:
  • New mobile access methods may attract new kinds of attacks, such as mobile Internet and WLAN attacks. A new mobile system may not be strong enough to fend off new attacks, leaving businesses at high risk.

  • Proactive or reactive information leakage:
  • Employees may download sensitive corporate data since business applications are accessible through mobile devices. Due to mobile device problems (such as security concerns when lost or stolen), information dissemination becomes more convenient than ever, increasing the probability of information leakage.

  • Less strict application management and control:
  • Mobile services continue to outpace information security systems. As a result, some applications may be granted to users even though their security has not been thoroughly assessed. This may lead to unauthorized access to highly confidential corporate data or, even worse, data leakage.

Huawei Solution

Employees would like to access corporate data through their own devices anywhere, anytime. Assigning anywhere, anytime access rights to employees is in line with the corporate interest and helps improve employee productivity. However, it may also incur security risks. As a result, CMBC IT decided the company needed a more powerful security system. In response, Huawei offered a BYOD-capable information security protection solution that ensures end-to-end security for smart devices, networks, applications, and data centers. Huawei's solution offers a variety of benefits:

  • Huawei AnyOffice encrypts and securely stores data on smart devices.
  • Unique sandbox technology isolates corporate data from personal user data on smart devices.
  • Huawei's security Software Development Kit (SDK) makes it easy to integrate with other systems and to develop specific custom applications.
  • Huawei's application-level Virtual Private Network (VPN) technology ensures highly secure network transmission.
  • Huawei's mobile secure access management platform offers lifecycle-based device security and application management.

Function-rich Mobile Device Management (MDM) systems can precisely manage and control fast-changing mobile devices to safeguard security. Huawei's MDM helped CMBC build a more advanced, stringent security control system that accommodates its banking processes. Huawei's MDM includes a variety of prominent features:

  • Certificate-based authentication of Wi-Fi access for mobile devices, which prevents decryption attacks
  • Internal network administrators can verify GPS-based map information by accessing map server websites through Huawei gateways.

In addition, Huawei enables quick customization to respond to fast-changing mobile services in the banking industry. To date, Huawei has offered CMBC a variety of custom functions such as CMBC news, limited Wi-Fi connections, custom client logos and titles, and location-based security control.

Huawei delivers timely, global technology support services to CMBC and its customers, which help CMBC further advance its global business strategies.

What's more, Huawei's advanced, customizable, and trustworthy products assure bank customers of trouble-free mobility deployments.

Customer Benefits

In addition, Huawei enables quick customization to respond to fast-changing mobile services in the banking industry. To date, Huawei has offered CMBC a variety of custom functions such as CMBC news, limited Wi-Fi connections, custom client logos and titles, and location-based security control.

Huawei delivers timely, global technology support services to CMBC and its customers, which help CMBC further advance its global business strategies.

What's more, Huawei's advanced, customizable, and trustworthy products assure bank customers of trouble-free mobility deployments.

  • Thanks to its mobile card service, CMBC card personnel can complete and approve card applications within 15 minutes.
  • The paperless office greatly simplifies office work and reduces labor costs.
  • Mobile office work extends bank services to remote areas, breaking time and space constraints and prolonging the times to provide financial services.

CMBC is using Huawei's mobility solution to achieve personalized marketing, bring about new user experiences, and streamline its business strategies.

WORLDWIDE