Mobility and the Enterprise – 9 Steps for Embracing and Managing the Emerging BYOD Trend

Businesses of all sizes find themselves in unknown territory with the exponential growth of the mobile workforce and the “consumerization of IT.” In particular, employees are extending their workday and increasing office efficiency by using their own personal technology, such as smartphones and tablets. Because corporate IT is not always dictating which smartphone or tablet employees should use, the result can be a hodge-podge (at best) or chaotic (at worst) set of applications, devices and technologies to support and manage. Corporate IT functions have already lost control of employee access to the corporate network – which implies potentially catastrophic security repercussions. What’s more, the issue is not just about security, but also about productivity. In an ironic twist, the early adoption of BYOD (bring your own device) was seen as supporting and driving employee productivity.

Mobile device usage by employees is adding new and significant pressure on corporate network resources. It is not just high-bandwidth content such as video, but also social media and the use of ‘pet’ applications. According to a study by IDC, 10.9 billion mobile apps were downloaded in 2010. IDC expects this figure to increase by XX% to nearly 76.9 billion by 2014. The combination of these factors puts IT departments in a serious dilemma between driving productivity and securing the network. Luckily, the channel can step up to help solve this challenge by being an informed source and trusted guide. The following is a set of critical technology deployment considerations to help guide customers toward building IT environments that embrace and enable emerging mobile technologies…but in a managed, effective and secure way.

SSL VPN Access – Improved Management
Agent-based Secure Sockets Layer Virtual Private Networking (SSL VPN) tunnels add easy “in-office” network-level access to critical client-server resources from laptops, smartphones and tablets, thereby minimizing demand on IT support. Administrators should select SSL VPN gateway solutions that have certified smartphone/tablet clients from the same vendors. This provides a single point of management and similar user experience for laptops and smartphones.

Reverse Web Proxy for Ease of Deployment
By providing standard web browser access to web resources, reverse proxies can authenticate and encrypt web-based access to network resources. Reverse proxies also offer access that is agnostic to laptop, smartphone and tablet platforms. This makes it easier to deploy and manage mobility solutions.

Scan Mobile Traffic To Ensure Clean VPN
Smartphones and tablets can act as conduits to enable malware to cross the network perimeter. This applies especially to WiFi or 3G/4G connections, because they are not controlled by network security. Integrated deployment with a next-generation firewall (NGFW) establishes a Clean VPN™ that first decrypts, then scans all transmitted data.

Control Data-in-flight To Prevent Attacks
Data leakage protection can scan outbound traffic for watermarked content, even if that traffic is encrypted. At the same time, IT should scan all data-in-flight for malware. This helps prevent internally launched outbound botnet attacks that can damage corporate reputation and get business-critical email servers blacklisted.

Implement Application Intelligence for Better Control
As primarily web-enabled devices, smartphones and tablets can access applications such as social media and streaming video. IT should implement application intelligence and control technology to establish control over these applications.

Deep Packet Inspection for Wireless Access Security
Analysts expect 90% of smartphones to have WiFi functionality by 2014.* Security for wireless networks has to be on par with wired networks running deep packet inspection. To be as secure as wired networks, IT should apply WPA2 and deep packet inspection, as well as other security features, to traffic connected to the corporate network over WiFi.

Application Intelligence to Increase Traffic Bandwidth
Organizations need to control converged voice-and-data communications enabled by smartphones directly connected to the corporate network, and optimize quality of service and bandwidth management. Application-intelligent bandwidth management ideally addresses this common challenge.

Visualization Tools for Managing Bandwidth Activity
To control the proper use of mobile networks, administrators need tools to provide them with the ability to view traffic and adjust network policy based on critical observations. This enables administrators to ensure bandwidth for mobile device traffic, while adjusting policy to restrict or block bandwidth-consuming traffic.

Device Identification for Easy Retrieval of Lost Devices
Smartphones and tablets can get lost, stolen or compromised. Device identification technology uses serial number information to allow organizations to chain a specific mobile device to a specific user. Also, smartphone and tablet OS vendors typically offer a “remote wipe” feature for when the devices are lost or stolen.

The truth is, no matter how hard an IT department tries, the ability to control which devices employees use is a losing battle. Even if company policies dictate which smartphones or tablets employees can use for work purposes, there will always be stragglers shrewd enough to connect to the company’s network from their own favorite devices. However, understanding the BYOD trend, and knowing what can be done to securely manage it, will lessen the headaches and the workload of any beleaguered IT team trying to secure an enterprise network.

* Source: “Survey: Wi-Fi becoming smartphone must-have,” CNET News, April 1, 2009 – quoted in White paper: 10 Best Practices: Controlling Smartphone Access to Corporate Networks.

This is a sponsored guest post written by Patrick Sweeney, Vice President of Product Management and Corporate Marketing.