The next step in BYOD security
The explosion in development and adoption of smartphones and tablets for both personal and business use in the past two years is both a blessing and a curse to IT departments globally.
Known as the Bring Your Own Device (BYOD) phenomenon, on one hand, there is an opportunity for greatly increased productivity and decreased costs. On the other, there are increased security risks, management issues and even data and device ownership and governance issues.
From the executive who purchased an iPhone to boost personal productivity to the college professor who redesigned curriculum to take advantage of new tablet applications, users in all types of organizations are bringing consumer devices to work and school.
When they do, each expects access to business and educational applications and content, not just the Internet. Whether this expectation is justified is a moot point in today’s world of hotspot-filled public spaces and high-bandwidth wireless home networks.
Compounding the problem, the ratio of users to devices has grown from 1:1 to as many as 3:1 in many cases. A single user today will interchangeably connect to the network with a Windows laptop, and possibly an iOS or Android smartphone or a tablet many times throughout the day.
For IT organizations, BYOD means supporting a variety of devices and their operating systems, while maintaining a high level of experience for the end user, regardless of whether the device is personally- or corporate-owned.
To keep costs low, it must be easy to securely onboard new devices and quickly identify and resolve problems. For users, BYOD means using the laptop or smartphone that works best for their needs. But, they must also understand support considerations and what happens when a device is replaced, lost or stolen.
IT organizations should consider the following when first exploring a BYOD initiative:
- Device and information security implications
- Network accessibility per user and per device
- Centralized enforcement of policies
- Automated onboarding and profiling of devices
- IT and helpdesk overload and levels of visibility.
The effect of granting enterprise access to personal devices does have direct implications on security, information ownership, device/network control and even helpdesk resources. These security challenges include:
- Understanding who and what is on the network
- Keeping the network malware-free
- Determining the level of information that can be accessed by a BYOD endpoint
- Providing proper enforcement of access policies to maintain compliance and audit requirements.
Organisations can reap a wide range of benefits by embracing BYOD initiatives, including the ability to quickly support new devices, boost productivity, and in many cases, reduce expenses. However, the adoption of BYOD requires each user to understand the implications of personal devices, the type of information that can be accessed on these devices, and what is expected of them to meet pre- and post-authentication requirements.
IT and helpdesk resources can be quickly overwhelmed as the organization struggles to configure and support these new BYOD endpoints for secure network authentication and corporate use. The visibility needed to support successful and unsuccessful authentications will only increase as new devices are introduced and users adopt new applications that might or might not meet corporate guidelines.
Automated tools that allow end-users to securely self-onboard their devices are critical to offload the helpdesk organization. However, to be effective, a BYOD access management solution must be vendor neutral, based on open standards, and leverage an enterprise’s existing security, identity and network infrastructure, regardless of how or where users connect.