Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Give and go: New Orleans Hornets and Array Networks

The NBA's New Orleans Hornets needed to provide a highly mobile staff with a secure method for communicating, reports Greg Masters.

While fans cheer the action unfolding on the court of the New Orleans Arena, away from the drives, dishes and dunks, another less visible, but vital, team is also hard at work. 

The players and coaches of the New Orleans Hornets garner the adulation, or ire, of the home crowd and the celebrity status and hero worship nurtured by local and national media outlets, but behind the players in uniform, also in constant motion – though fingers flying across a keyboard faster than a full-court press – sits a 160-person professional sports organization. And, it's not just the visiting basketball teams coming into the Big Easy that pose a challenge for the franchise. Enabling staff to communicate securely in an age when personnel bring their own devices to work and travel frequently proved a stern test for Tod Caflisch, vice president of information technology, and his three-person IT staff.

“We needed a solution for making employees productive on iPads from any location,” says Caflisch (left), who is responsible for voice and data technologies for the Hornets' headquarters offices, arena, practice facilities and team events. In addition to iPads supplied by the team, employees were also bringing personal iPads to work. And, aside from internet access and email, there was no way for the team's workers to use the tablets for business in a secure environment. Agents, scouts, salespeople and other field staff needed to lighten their load by moving to tablets, but at the same time requiring access to the information and applications essential for their jobs, says Caflisch.

For example, scouts required iPad access to personnel reports and video footage saved on their office PCs in order to evaluate and compare prospective players in real time. Caflisch says his staff also wanted to move away from virtual private network (VPN) access, due to security concerns and the cost of purchasing and managing laptops and ancillary security hardware and software. Also, he sought a solution that would put an end to employees using flash drives to take work home, a practice that was prone to data leakage and other issues caused by incompatible application software and versions.

Caflisch was the primary evaluator and decision-maker in determining how to address these challenges. He worked with iSecure, an IT partner with whom he says he has a good relationship to review options.

He and his team looked at VPNs and what could be done in conjunction with mobile device management (MDM), and also virtualization solutions for providing tablet access based on a server-based computing model.

They also examined which solution was going to provide the best combination of ease-of-use, security, speed, cost and ability to mobilize applications. After evaluating a number of products and services, they chose a DesktopDirect appliance from Array Networks for review and evaluation.

Using personal devices for work

With Array, Caflisch says his team was able to leverage and extend existing applications to mobile devices, while at the same time create a clear separation between mobile devices and the corporate network.

“DesktopDirect is an innovative, appliance-based remote desktop solution that enables workers to use personal devices to control physical or virtual office desktops and applications from any location,” says Lior Rappaport, vice president of mobility at Array Networks, a global technology company with U.S. headquarters in Milpitas, Calif. “Whether users are on their home PCs, on a laptop at a customer or partner site or on an iPhone, iPad or Android device, they can work just as if they were sitting in the office without the risk of data leaving the network.”

The DesktopDirect appliance is installed on the corporate network and integrates with existing identity management solutions to establish user credentials, says Caflisch. Physical or virtual office desktops and applications are registered for remote and mobile access either by users or IT, or automatically via a database. 

To use a personal device to remotely control office desktops or applications, users need only a common web browser or the free DesktopDirect mobile app for smartphones and tablets, Rappaport adds. Users simply launch a browser or mobile app, login and begin using their registered applications and desktops.

In comparison to VPN and MDM solutions, DesktopDirect does not allow devices to connect to the corporate network at the network level, says Rappaport. Because sensitive data never resides on mobile devices, there is no need for provisions – like remote wiping, etc. – and the sticky questions that come along with it, such as how to avoid erasing personal data when having to purge business data, he adds.

Further, in comparison to server-based computing solutions, DesktopDirect can provide access to physical desktops and laptops, as well as virtual infrastructure from multiple vendors. In this way, users have one streamlined process for accessing their enterprise desktops and applications. In addition, it provides a single platform to manage.

The tool quickly demonstrated its ability to securely extend office desktops and applications to mobile devices, says the Caflisch. At that point, he says, his team selected the Array solution, and there has been no looking back.

He says Array's registration technology helped him quickly provision iPad access for individual employee PCs, and within a short time, the entire Hornet's staff was up and running. “Basically the solution allows each employee to be responsible for naming and registering the resources they wish to access over a mobile device.” This offloads work from him, he says, but also makes it easier for workers to recognize the custom names they give their desktops and applications.  

As far as issues go with meeting compliance mandates, Caflisch says his organization doesn't need to meet any specific requirements, but there certainly is a need to keep control over sensitive information. “This was a primary factor in selecting Array Network's DesktopDirect and moving away from traditional VPN solutions that open the corporate network and allow remote and mobile devices to directly connect,” he says. “While we still use VPN to provide connectivity from managed laptops where select users require it, we are scaling back reliance on VPN.” Today, he says, DesktopDirect serves the majority of the Hornets' remote access requirements due to security advantages and the ability to make business applications available to mobile devices.

Employees “love it”

The solution has been made available to essentially the entire staff. “So far, they love it because it allows them to get out of the office and because they can finally use their iPads for business,” says Caflisch. Because employees work between 40 to 60 hours a week and sometimes more, and because they often work nights and weekends due to games, they need a solution that is highly portable and can be used anywhere at any time,” he says. “The DesktopDirect solution has met and exceeded this requirement and has had a hugely positive influence on our employees and their ability to conduct business.”

An interesting use case that is developing, he adds, is the control over playbooks assigned to players and coaching staff. In place of physical documents, which are prone to being lost, stolen or misappropriated, the team can now store this information on its network and extend the information to players over a mobile device. “In this manner, the sensitive information is available to users where and when it is needed, but never leaves the corporate network,” says Caflisch. “It doesn't matter what happens to the device, and the data cannot be copied and pasted.”

And, as far as keeping current with an always evolving software environment, updates to the DesktopDirect mobile application for iOS and Android are pushed automatically to the Apple's App Store and Google Play. Updates for the DesktopDirect appliance are sent to customers directly, says Array's Rappaport.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.