Mobility has ceased to be a feature applied exclusively to corporate environments, becoming an indispensable condition of modern life for everyone. Today we cannot conceive of a person without access to a smartphone, a tablet, and similar devices, which have emerged not only as status symbols, but as productivity tools with growing presence in business circles. As a result, a new trend has appeared in corporate communications technology, known as “Bring Your Own Device” or BYOD, which is nothing more than granting access to corporate resources to a company’s employees and guest or external users, which involves a strategy to prevent security threats to data, which is any organization’s most valuable asset.
Sales of smartphones and tablets have already surpassed laptops and the trend continues. By 2015, forecasts indicate that there will be around 2 billion mobile devices in the world, of which at least 75% will be accessing corporate networks. This represents an enormous challenge for corporate network infrastructure, and at the same time an opportunity to boost employee productivity, giving employees the satisfaction of using their own devices to access company resources, with the added advantage of being able to do so anywhere and anytime. But allowing such devices to access network resources in turn obliges companies to maintain total and permanent control, not only of devices per se, but of the information they access, as there are latent threats to sensitive data which can be leaked from such devices over which companies lack total control, because they are not their property. In this context, there needs to be segmentation between personal and corporate data which resides on and travels over the web, from and to such devices, to effectively control its use, preventing it from leaving the corporate environment.
At Enterasys we see some key factors for successful implementation of a BYOD solution, among which we can mention the following:
The wireless network that supports all these devices has to be robust enough not to crash under the density of devices/users that will be connected simultaneously, and scalable to grow quickly and easily at the same rate as the devices that access it.
There need to be automation tools with centralized network administration and management, which make it intelligent and simple enough to contain improper behavior and access to sensitive company data. This prevents an avalanche of calls to help desks and requests for administration by company IT personnel.
All activity of users/devices on the network should be recorded for purposes of subsequent forensic analysis, should the need arise. In addition, reports should be generated that facilitate compliance with laws and regulations related to the company’s activity.
Granular management which allows network administrators to define terms of access and control bandwidth for a given user/device, by user, type of device, date/time of access, physical location, application used, etc. This not only conditions access to information, but helps ensure better use of IT resources, preventing a few users/devices from using up all available resources, and prioritizing those that are really critical to the organization.
Ongoing management of company information is not limited only to storage and transport on the data network, but extends beyond the company’s boundaries, to the location of devices, wherever they may be.
Validating device health status, before and during access to corporate resources helps guarantee the integrity of company data from end to end. If a device fails the health check before logging onto the network or after logging on its status changes or its performance fails to adhere to corporate security directives, denial of access to sensitive data and remote elimination of such data from the device must be assured.
Like these, there are other strategies that support successful deployment of a BYOD strategy in an organization, but it must all be accompanied by an effective communication plan which allows, and practically requires, all persons who attempt to access corporate resources, whether employees, guests, contractors, etc., to know the conditions for acceptable use of the data and IT resources to which they will gain access, and the responsibilities such access entails.
Integration of Enterasys BYOD with other solutions such as Mobile Device Management (MDM), Web Filtering, Firewall, and IDS/IPS, among others, further strengthen its features, resulting not only in more secure networks, but better managed and administered ones, with full end-to-end visibility, both in real time and historically. This positions Enterasys among the leaders of this new technology trend, which inevitably will penetrate, sooner than later, the conditions of corporate networks, regardless of their size.