Securing BYOD (Bring Your Own Device)

In the article What is BYOD we got a basic idea of the term BYOD and learned that the major hurdles to implementing it at large scale are security issues. Enterprises do not want to sacrifice security by letting employees use the devices of their choice in the corporate network. IT must frame minimum security guidelines, which every device in the corporate network should meet. The guidelines should cover various aspects of security, such as remote access or VPN access, antivirus software, encryption software, WiFi security, malware prevention software, a strict password policy, and no admin access to the device.

Ensuring protection of corporate data is the biggest challenge with BYOD implementation. IT can implement tight control and restrictive usage policies on company-owned devices. The same policies, however, cannot be implemented on employee-owned devices, as employees use the same device for personal and professional work. File sharing services hosted on the cloud can be used for personal data, but it is very unsafe to store confidential corporate data on the cloud.

 

In case of lost or stolen devices, it is mandatory for IT to revoke the access granted to the lost devices, and in case of employee termination IT must wipe out all the data from the employee’s personal devices. IT must also find a way to prevent an employee from sharing confidential data with a third party. There are many such issues that IT faces while implementing BYOD.

 

IT and networking organizations like Cisco offer solutions for most of these problems. At a high level, according to Cisco, the BYOD solution must provide wired, WiFi, remote and mobile access to the network from various types of devices. The solution must also be capable of enforcing various access policies. It should offer secure access and a seamless experience to users while they move from the corporate WiFi network to a public 3G/4G mobile network.

 

One of the core components of Cisco’s BYOD solution architecture is Cisco Identity Services Engine (ISE), which offers a number of services including:

  • Authentication
  • Authorization
  • Device Profiling
  • Self-service registration and enrollment portals
  • Device registration and provisioning
  • Certificate enrollment
  • Posture assessment
  • Policy definition
  • Reporting and blacklisting of lost or stolen devices
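
How the minimum security guideline, device registration and the lost-or-stolen blacklist described above can combine into a single access decision, as an added example that is not part of the original article and is not Cisco ISE code. The attribute names, the "quarantine" outcome and the sample devices are assumptions made for illustration.

```python
from dataclasses import dataclass

# Baseline from the article's guideline list. Attribute names are assumptions
# made for this example, not fields of any real product.
BASELINE = {
    "antivirus_running": True,
    "storage_encrypted": True,
    "anti_malware_running": True,
    "password_policy_compliant": True,
    "user_has_admin": False,  # "no admin access to the device"
}

@dataclass
class Device:
    device_id: str
    registered: bool
    posture: dict  # attribute -> value reported by an agent on the device

def failed_checks(device):
    """Baseline attributes that are wrong or missing (missing fails closed)."""
    return sorted(name for name, want in BASELINE.items()
                  if device.posture.get(name) is not want)

def access_decision(device, blacklist):
    """Return (decision, reasons); decision is deny, quarantine or permit."""
    if device.device_id in blacklist:  # reported lost or stolen
        return "deny", ["device is blacklisted"]
    if not device.registered:
        return "deny", ["device is not registered"]
    failures = failed_checks(device)
    if failures:
        # Known but non-compliant device: hypothetical remediation-only access.
        return "quarantine", failures
    return "permit", []

if __name__ == "__main__":
    # Constructed sample devices, not real inventory data.
    devices = [
        Device("phone-001", True, dict(BASELINE)),
        Device("tablet-002", True, {**BASELINE, "storage_encrypted": False}),
        Device("phone-003", True, dict(BASELINE)),  # reported lost below
    ]
    for d in devices:
        print(d.device_id, access_decision(d, blacklist={"phone-003"}))
```

The blacklist is checked first so that a lost device is denied even if its last reported posture was fully compliant.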

 

Smartphone usage has increased exponentially across the world. Employees carry their smartphones to work every day and use them for many services and applications by connecting to the corporate network. The security issues discussed above come into the picture again. At the recent Mobile World Congress, held in Feb 2013 in Barcelona, a simple solution was offered for the issues that smartphones face in a BYOD environment.

 

The solution is to run two separate operating systems on the same mobile device, one OS for personal use and another OS for business. This solution will be tested by Red Bend Software, Waltham, Mass., and Samsung on the dual-persona version of Samsung’s flagship device, the Galaxy S III. In this solution a single smartphone will be able to run two separate Android operating systems. This way, if security is compromised on the personal phone, the enterprise operating system will not be impacted. It will also help in separating business and personal data.

 

Innovative solutions like these will definitely help businesses deploy BYOD at a large scale.
