BYOD Could Mean Bring Your Own Disaster

By

As adoption of wearables becomes more mainstream in the Middle East, it brings added complexity to BYOD in an enterprise. One of the more interesting features of wearable tech is its ability to tether to, and control, smartphones over a remote connection. So even if wearables are denied access to enterprise networks, they may already be able to access it. Which means they can download and store company data. Many come with built-in cameras. This will understandably make IT departments worried.

According to recent studies by Aruba, the new generation of employees –#GenMobile – expect mobility at the workplace to be a given, so any blanket decision to ban such devices from the workplace will be highly unpopular. In fact, almost two-thirds of study respondents say they use mobile devices to help them manage their work and personal lives better. 

If the decision is made to accept wearables into the organisation, it is unlikely that existing BYOD policies that govern the use of corporate data be enough - new policies will be required.

When tinkering with these policies, CIOs have to keep in mind the fact that there will be other IoT-based devices coming along that could be embedded into an employee’s clothing or even office kitchen appliances. The acronym “BYOD” will soon have to be replaced with “BYOX,” with the “X” symbolising “practically anything.” 

Failure of First Generation of BYOD policies – Lessons to be learned

The first generation of BYOD devices received similar levels of access to the network, in a fairly uniform approach. This needs to stop. CIOs

Ammar Enaya

should now turn their attention to the context of the use case, and the underlying communications network. This means putting in place solutions that can secure any mobile device that connects to corporate Wi-Fi; giving them complete visibility of the number, type and frequency of mobile devices assessing their network.

Today’s network should be capable of enforcing flexible security policies that are capable of analysing – and acting on - the context of how an employee uses the mobile device. For instance, an employee using a smartwatch at a coffee shop to access corporate data may not be granted the same level of access as one who uses a PC during office hours. Depending on the context, different policies should be applied to make sure that the right balance between flexibility and security is met.

By incorporating these new levels of network visibility, companies will also be able to identify specific applications and who is using them. After these apps are identified and visualised, access controls and policies should be applied to prioritise the performance of business-critical apps over personal ones. By analysing and controlling access management systems, it is possible to get as granular as disabling a device’s camera in restricted locations.

Key security considerations for BYOD

People talk about BYOD or 'choose-your-own-device' - but it could really end up being BYOD 'bring-your-own-disaster' if you haven't thought about the fallout of that going wrong. There are a number of security habits companies need to adopt to adequately protect themselves against a breach:

  1. Regulate Wi-Fi traffic with intelligent policy firewalls that can keep track of app usage. This ensures that different apps are classified according to its security rating based on the role of the employee within the organisation. These apps would be allowed to be used on select mobile devices by select users, only if they satisfy live security monitoring by the policy firewall and cloud-powered content filtering.
  2. Make sure that all communications over the air are encrypted and sent over secure channels. This requires a smart combination of encryption and VPN-on-demand technologies that prevent information from being snooped on, and – even in the event that the information falls into the wrong hands – is rendered gibberish.
  3. Focus on the interactions between users, apps and data. The perimeter has shifted from the idea of building a wall around your enterprise and fortifying your organisation with a firewall. The Internet of Theft (IOT) and Bring your own Disaster (BYOD) have become prevalent in the organisation, considering that business users and consumers nowadays demand access to data and business insights anywhere and in a commoditised form.
  4. Managing the security of BYOD, IoT, BYOX, whatever you’d like to call it, requires a secure yet flexible wireless network within the workplace. Companies should deploy flexible security policies that are capable of analysing – and acting on - the context of how an individual employee is using a mobile device, and where they are accessing information from.

By all means, organisations in the Middle East should embrace #GenMobile’s penchant for openness, innovation and collaboration, using any device they wish. But only when they can understand and plan for the security risks these behaviors bring along.




Edited by Alicia Young


SHARE THIS ARTICLE
Related Articles

Coding and Invention Made Fun

By: Special Guest    10/12/2018

SAM is a series of kits that integrates hardware and software with the Internet. Combining wireless building blocks composed of sensors and actors con…

Read More

Facebook Marketplace Now Leverages AI

By: Paula Bernier    10/3/2018

Artificial intelligence is changing the way businesses interact with customers. Facebook's announcement this week is just another example of how this …

Read More

Oct. 17 Webinar to Address Apache Spark Benefits, Tools

By: Paula Bernier    10/2/2018

In the upcoming webinar "Apache Spark: The New Enterprise Backbone for ETL, Batch and Real-time Streaming," industry experts will offer details on clo…

Read More

It's Black and White: Cybercriminals Are Spending 10x More Than Enterprises to Control, Disrupt and Steal

By: Cynthia S. Artin    9/26/2018

In a stunning new report by Carbon Black, "Hacking, Escalating Attacks and The Role of Threat Hunting" the company revealed that 92% of UK companies s…

Read More

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More