BYOD and Collaboration Don't Have to be Next National Security Threat
The network plays a unique role in addressing the BYOD challenges around security
I have no doubt that collaboration will increasingly become more mobile; not only off-premise but also within the office premises, employees will use their mobile platforms more often. Imagine a world where mobile collaboration reigns... I certainly see this in a not-so-distant future.
Perhaps I am an early adopter of technology trends, but I have been bringing my own devices (Mac, iPhone, iPad, and various Android devices) to work for the last five years. At Cisco, I have watched the evolution of this Bring Your Own Device (BYOD) trend go from a strict environment of a few supported and paid-for enterprise devices, to employees choosing the device and services they want to use and pay for out of their own pocket. Throughout this transition IT has focused on providing access flexibility to enterprise resources in a secure manner.
There is no question that BYOD brings a variety of security concerns. Securing corporate data, applications, and systems is essential to any BYOD strategy. With all the media attention on the National Security Agency (NSA) surveillance program leak, organizations allowing or thinking of allowing personal devices for work use could be reevaluating their decision.
You may think I am biased, given the company I work for, but I strongly believe that the network plays a unique role in addressing the BYOD challenges. Think about it... the network is the one element that touches every aspect of a BYOD solution.
There is always a security threat when thousands of users bring their own devices onto the enterprise network, but I believe we have the tools to minimize the threat. There are a number of options available to secure personal devices; important as well, the choice has to take the user experience into consideration.
Let me give you a few examples.
A BYOD solution must start with a robust identity system that does not discriminate between devices (smartphones, computers and tablets for work or for play) but does differentiate employees, partners, customers, or visitors in order to grant appropriate access. To deliver a meaningful experience across all devices, a true enterprise-class solution has to start by authenticating the user; it also lets you dictate that person's level of connectivity and access to applications and data.
You want to exercise network access control and policies to ensure secure and trusted access to applications and data. It is also a good idea to establish a baseline for device capabilities and behaviors you are willing to support.
For example, if data encryption on mobile devices is important to you, then demand and enforce that any device connected to your network supports encryption. Another example is remote data wipe, which is almost table stakes these days; if things turn bad, the remote wipe is the immediate and undisputable answer. With the proliferation of mobile devices, it is more critical to secure, control, and manage access to your intellectual property. (I will leave the topic of the separation of enterprise and personal data debate for a future blog).
It's important to understand that multiple capabilities go into delivering an enterprise-class BYOD solution. The network enables real-time, interactive communication and collaboration anytime, anywhere, and from any device to enterprise systems in a secure manner.
Once the user, device, and data are secured, you can deliver a rich collaborative experience that includes video, voice, messaging and sharing with an uncompromised user experience.