Corporate leaders and IT departments are facing a new trend in office life: the bring your own device (BYOD) workplace. What's involved in allowing employees to bring their own mobile devices to work? What are the implications of employees using their own devices to, in theory, access all the same corporate applications and data they do on company-owned devices? The technical issues around that vision are enough to make an IT person feel a bit queasy.
Network Access Control
Making the BYO') workplace effective requires striking the right balance between usability and security. There are two aspects to BYOD security. One is centered on the mobile device, the other on the corporate network. Since the company retains control over its IT network, that's typically where security measures start.
A major part of network access control (NAC) solutions for BYOD focuses on safeguarding the network from unmanaged devices. A frequently used NAC approach is to create a secondary wireless local area network (WLAN) so that noncorporate devices remain segregated from the main network and Internet traffic can be separated from corporate traffic. This WLAN also enables levels of access to be defined based on the user and device. Without the proper credentials, the WLAN with critical data remains secure and inaccessible.
Some companies create a virtual private network (VPN) that provides access to a private network across a public network, such as the Internet. It requires user authentication before system access is granted. According to Sean Wiese, information security officer for National Information Solutions Cooperative (Mandan, N.D.), a VPN typically is created when laptops are in use because these devices are more data- and application-rich. However, VPNs are not a common way to secure networks from access by smart-phones or tablets.
The way the trend is moving is that these types of devices are viewed as "always on and always connected," Wiese explained. "To access company email or work calendars means a hole needs to be poked through the network firewall so services can be accessed." While users typically have to enter a username and password to get to this data, security risks on the mobile user's end still have the potential to do harm to the network.
LESSONS FOR EMPLOYERS FROM SCHOOLS' BYOD EXPERIENCE
One arena where a bring your own device (BYOD) policy is gaining a stronghold is in educcrtion. As BYOD has rolled out, schools have resolved...