The biggest mega-trends we have seen in 2012 are; SDN (Software-Defined Networking), cloud computing, social analytics, apps stores and BYOD (Bring Your Own Device), with the two biggest trends being cloud and BYOD. As we see the popularity of smart-devices now infiltrating the workplace, it has been a natural progression for people to want to use their own familiar devices to carry out work functions.
With this occurrence though comes real security risks, as data is no longer being protected via the IT Department. A recent study has shown that approximately 73% of enterprises have non-IT managed devices accessing company data.
Thomas Borrel of BlueCat Networks Inc, recently said “The main problems with the BYOD culture is how to have secure onboarding, how to prevent applications like DropBox being installed and how to restrict access to web browsers in order to prevent data leakage. The idea is not to force users to uninstall Apps they usually use at home, but how to prevent them accessing them within the four walls of the enterprise”.
When it comes to protecting corporate data, there needs to be a good strategy behind how users can access the network. Therefore, individual devices should be made to registered onto the network, so that IT can manage users access privileges to corporate data and see when any conflicts occur. And in the event of lost or stolen devices, remotely clean corporate data from the device.
At present some of the BYOD processes can be very convoluted; as the user generally has to make a BYOD request, then read and sign the end user licence agreement, before connecting their device to a network to download software that then prevents the user from accessing certain applications from their device. The good news is, that as we start to see a sharp uptake of BYOD, so too are we seeing a much more automated and simpler process as enterprises now enforce compliance using Network Access Control (NAC) and device MAC addresses. So all the while your device is attached to the enterprise network if you try to access a restricted application, your device will be unable to locate the server and thereby preventing data leakage.
Generally if an enterprise embraces cloud technology they usually also adopt a mobile policy, but studies show that for now companies are still lagging behind when it comes to creating a BYOD strategy for the use of personal devices. But if you consider the value of corporate data and the risk of losing it and potentially your reputation, it is surprising that so few mobile conscientious companies have personal devices on their security radar.
Image from http://www.freedigitalphotos.net