BYOD: keep your eyes on the enterprise

AccessData advises on securing the corporate network in a BYOD ecosystem

Tags: AccessData Group LLC (www.accessdata.com)
  • E-Mail
BYOD: keep your eyes on the enterprise Paul Wright, manager of professional services and investigation team, Middle East, India and Africa, AccessData.
By  Paul Wright Published  May 19, 2013

The prevailing movement, labeled "consumerisation of IT" or "bring your own device" (BYOD), will continue to shift the way employees interact with enterprise applications and information, which raises considerable security challenges for any organisation.

These devices may include an array of tablets, including Apple and Android smartphones, "Wintel" laptops, and devices we have yet to see. For some organisations, such as universities, the array of user devices may be unlimited, and therefore, their grasp on securing data may be tenuous for quite some time. Other organisations will be in a better position to leverage policy to control the devices allowed and to ensure they have the ability to investigate these devices as needed.

The need for employee productivity and flexibility; reduced operational costs; ease of employee provisioning; and organisational agility ensure that BYOD is here to stay.  However, to make BYOD viable, organisations rely on two key ingredients:  authentication and policy.  Authentication ensures that the right individuals and devices are allowed access to the appropriate resources.  Policy ideally defines what is allowed from a usage perspective, establishes the organisation's right to investigate employee-owned work devices, and outlines any security applications that are required to be installed on the employee devices.

Much of the industry conversation revolves around an organisation's ability to monitor and examine employee-owned devices.  Due to legal questions and privacy requirements, many organisations still do not have BYOD policies, as described above. However, whether an organisation has successfully implemented a concrete policy or not, the fact is the most critical elements in securing your enterprise against BYOD threats are enterprise visibility and remote remediation capabilities. If you can't see what's happening on the computers, servers and shares across your enterprise, as well as within network communications, you can't effectively defend yourself against any threat, let alone those originating from employee-owned devices.

BYOD programmes increase risk and compound the challenges organisations struggle with every day. Unfortunately, many of the threats that increase with the introduction of a BYOD programme are often not preventable.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code