The bring your own device (BYOD) phenomenon may be consumer-led, and it may be tempting to pass network and data security along to employees as well, but doing so would lull you into a false sense of security.
If anything, BYOD means that IT departments should be more vigilant than ever in making sure their security policies are up to date and can handle tens or even hundreds of devices out in the wild beyond the confines of the corporate network.
A good place to start in making sure that BYO devices are secure, Gartner US research director Lawrence Orans argues, is a three-pronged approach that breaks security down into three layers: the device, the data and the network.
On the device side, Orans warns that some devices may be inherently more secure than others, and that BYOD policies should be tailored to recognise this.
"The company may have a policy where you can bring in some brands of personal devices but not others," he says. "For example, some organisations allow iPhones and iPads but not devices that run on the Android operating system because of Android's open development platform which makes the phone more vulnerable to attacks."
Orans adds that enterprises should use the network as their security gatekeeper to make sure that employees are playing by the rules.
For example, some companies allow employees to use their own iPhone on the network as long as it is running the corporate-supported mobile device management (MDM) agent.
"Having an MDM agent installed means that if the phone is lost or stolen it can be wiped remotely," he says.
However, according to Websense Australia and New Zealand country manager, Gerry Tucker, having an MDM and wiping devices is "not enough" because mobile devices are still subject to threats when accessing Web and email content.
"While an MDM offering gives you device controls it does not protect against phishing attacks, malware, malicious apps, or data theft and loss," he says. "Email and Web lures still apply, plus redirects to free gifts, surveys, fake app pages, and credential-collecting scams."
According to Tucker, IT executives should install a solution which combines device management with real-time protection from data loss, dynamic web threats, mobile malware, and malicious mobile apps.
Gartner's Orans says that IT executives can secure the data using virtualized desktop infrastructure [VDI] and a hosted virtual desktop.