Windows 10, BYOD and IoT: New Strategies for Securing the Network

By Special Guest
Rob Greer, CMO and SVP of Products, ForeScout Technologies, Inc.
January 14, 2016

The appeal of  “free” is undeniable. Perhaps that’s why Microsoft decided to offer Windows 10 as a free upgrade. Just as the free version 8.1 enjoyed higher download rates than version 8, it is estimated that Windows 10 will be downloaded to about two-thirds of all personal computers in the first 12 months. It may seem like a win for consumers, but it may create a huge gap between enterprise IT teams and employee devices.

Another factor in the release of Windows 10 is that, for the first time, Microsoft plans to expand Windows 10 to an unlimited number of devices via the “Internet of Things” (IoT). The IoT is becoming an increasing topic of conversation both in and outside of the workplace, in particular in discussions around how to secure these connected devices.

In addition to the IoT, enterprises must also deal with the BYOD (Bring Your Own Device) phenomenon. These two new technology realities present a much larger issue: how do you securely manage the onslaught of virtually invisible devices that are connecting to your corporate network?

An agent has to be running on the device for the IT operations team to be able to detect it – if you’re working with traditional endpoint security management. Since users will be upgrading their personal devices to Windows 10 on a massive scale—and therefore will not have agents—IT administrators need a way to identify, evaluate and secure all the new Windows 10 endpoints that are connecting to their networks. Security through agentless visibility empowers IT to see how many endpoints are accessing the enterprise network and be proactive about only allowing compliant devices to access valuable applications and data.

While BYOD is convenient for employees, it can cause a real nightmare for IT organizations. The truth that can’t be ignored is that BYOD is here to stay, and steps must be taken to safely embrace it. To provide a secure network, enterprises must include:

  • Policy-based network access: Organizations should enforce network access based on user, device and security posture so they can implement best-practice network segmentation for guests, contractors, business partners and employees. This allows organizations to onboard Windows 10 devices brought by guests, employees and vendors in a secure manner and provide them access to only the network resources they require to remain productive. If you are somehow able to get your arms around your employee’s personal and company-issued devices, you’d be remiss to ignore the potential threat of visiting vendors, interviewees and delivery personnel.
  • Real-time context: Organizations need to ensure that Windows 10 endpoints are compliant with their security policies and can share real-time context about Windows 10 devices with their existing SIEM (Security Information and Event Management), NGFW (Next Generation Firewall), EPP (Endpoint Protection) and patch management systems.
  • Visibility into ALL devices: Assigning responsibility to the IT department to handle threats on both managed and unmanaged (agentless) devices isn’t scalable as cybercriminal sophistication increases. Simply throwing people at the problem isn’t fiscally responsible, nor can it guarantee full visibility into all devices.

As the network and the number of things it’s connected to expand, keeping it safe becomes increasingly complex. Most networks today include an accumulation of security products added over time, layered on top of each other vertically and laterally.  Add the challenge of IoT, BYOD and free upgrades—such as the Windows 10 release—and the result is a complicated infrastructure where full protection from cyber attacks is a daunting task.

It’s not realistic to prevent employees from upgrading to Windows 10 just to buy some time.

Upgrades of this nature have become the norm, and it’s better to embrace rather than fight the growing trend. The last two years show that no matter how robust the external defenses, a determined and persistent adversary can find a way to infiltrate a corporate network.

Best practices for IT organizations today include a security strategy with policy-based network access, the ability to share real-time context and visibility into both managed and unmanaged devices. This well-rounded approach will help to bar cyber criminals while granting access to employees, no matter their device or software upgrade. IT security teams will also then be prepared to deal with IoT devices as they make their way onto the network. “Free” is a great word, but when it comes to securing enterprise network environments, “visibility” is an even better one.

About the author:

Rob Greer has served as CMO and SVP of products at ForeScout since June 2015. Prior to joining ForeScout, he served as vice president and general manager of the Network Security division at HP Software, where he was responsible for determining product strategy, delivery, customer success and overall P&L.  Before that, Rob served in numerous leadership roles at Symantec, ClearApp (acquired by Oracle), SonicWALL, and Ignyte Technology, Inc., where he was founder and chief executive officer.  He earned a Bachelor degree in Management Information Systems from San Jose State University.

Edited by Kyle Piscioniere

Related Articles

Pai Makes His Case for Title II Repeal

By: Paula Bernier    11/21/2017

FCC Chairman Ajit Pai today made clear his plans to repeal Title II net neutrality rules. The commission is expected to pass his proposal at its Dec. …

Read More

Mist Applies AI to Improve Wi-Fi

By: Paula Bernier    11/9/2017

Mist has created an AI-driven wireless platform that puts the user and his or mobile device at the heart of the wireless network. Combining machine le…

Read More

International Tech Innovation Growing, Says Consumer Technology Association

By: Doug Mohney    11/8/2017

The Consumer Technology Association (CTA) is best known for the world's largest trade event, but the organization's reach is growing far beyond the CE…

Read More

Broadcom Makes Unsolicited $130B Bid for Qualcomm

By: Paula Bernier    11/6/2017

In what could result in the biggest tech deal in history, semiconductor company Broadcom has made an offer to buy Qualcomm for a whopping $130 billion…

Read More

How Google's 'Moonshot' Could Benefit Industrial Markets

By: Kayla Matthews    10/30/2017

The term "moonshot" encapsulates the spirit of technological achievement: an accomplishment so ambitious, so improbable, that it's equivalent to sendi…

Read More