Bring your own device (BYOD) programs are growing in popularity among companies hoping to increase productivity while keeping costs under control. These programs allow employees to use their personal smartphone, tablet, or other device at work for both personal and business purposes.
In addition to improving productivity and increasing cost efficiencies, BYOD programs are associated with better levels of employee satisfaction. But companies need to be aware of increased security and privacy vulnerabilities associated with allowing outside devices onto their internal networks, as well as ways to increase the security of a BYOD program.
Risks of BYOD
Outside devices represent a potentially uncontrolled entry point to the network, as well as an avenue for critical data to leave the network and fall into the wrong hands. To protect against those potential vulnerabilities, a company should endeavor to carefully monitor personal devices and put in place policies and procedures to control how those devices access and interact with the network.
Recommendations for Providing a Safe BYOD Program
1. Be thorough in BYOD preparation. Before rolling out a BYOD plan, a business should ensure that key personnel understand the goals of the plan and are involved with formulating policies. A business should study its privacy and security needs and understand any risks that might be associated with collecting and storing personal information from devices on company network assets. Privacy and security requirements should complement each other.
2. Formulate policies around BYOD to stop potential threats before they happen. Training employees about their responsibilities as participants in the program is a crucial step that can prevent inadvertent security lapses. Policies should be communicated clearly to every employee who participates. Employees should be made aware of how their devices and data will be monitored, and how they are allowed to use devices while accessing company networks.
3. Have a containment plan in place for security breaches. Once employees are trained to be the first line of defense against BYOD-related security risks, companies must prepare for the fact that security breaches are inevitable. Consider implementing a containerization policy, which essentially divides personal information from business information on devices. Mobile device management software can help restrict the mingling of information between the personal and business segments, thereby protecting company data.
4. Deploy standard security measures. Encrypting data that flows between personal devices and company networks is a logical security step. In addition, using secure connections to transmit data to and from devices will further protect the network from breaches. Finally, maintaining software and hardware and ensuring all patches and updates are complete will help protect equipment from a variety of security risks.
When breaches inevitably occur, companies should activate a formal process to contain the threat, including detecting, investigating, correcting, and reporting the problem in order to learn how to better handle future incursions.
Putting It All Together
Like any up-and-coming trend, BYOD has both its advantages and its risks. A thorough preparation process and development of thoughtful and flexible policies can address privacy concerns and help identify and prevent security breaches.
Companies that are careful to consider the implications of allowing personal devices onto their networks can capitalize on BYOD advantages while mitigating risks.
From refrigerators and trash receptacles to assembly line components like robots, anything and everything is now communicating through the Internet. The Internet of Things (IoT) creates a high volume of demand on web connectivity, and software-defined WAN (SD-WAN) is the key to supporting it all.
Since the early ages of the Internet, users have been the common end point. As business models have evolved and so many unusual objects have become Smart, devices are now the new common end point. As device connections approach the billions and trillions, cities and companies must look at their Internet infrastructure from sensors and gateways to the cloud. A hybrid of Internet services consisting of both public and private connections will need to be used to support IoT devices. SD-WAN will aid in managing the complexity of this hybridized network in an automated way.
The IoT must leverage both the LAN and WAN of an enterprise, and both sides must be strong and dependable. From wired and wireless local network connections to the larger world of WAN devices, each must be able to flawlessly communicate. Private networks become unrealistic when considering the vastness of the IoT device population, giving SD-WAN the perfect opportunity to save the day.
Complicated redundancies, efficient routing of traffic, and overcoming faulty connections are much more manageable through software automation. This means more reliable connectivity as the strengths of software and hardware are united. Using multiple WAN links helps the system find an alternate route if the original suffers a blip at any point. Everything from hardware to access management can be controlled from the cloud.
It’s easy to imagine the technical nightmare that would exist if each IoT device had to be managed separately. Thankfully, software-defined technologies like SD-WAN have come along. Hardware is now expected to function through the cloud and be managed via centrally operated software tools. Only through such simplification of hardware could the IoT have become such a phenomenon.
Simplicity should be the mindset when configuring Internet services for mass numbers of devices. SD-WAN applies simplicity at a network level to provide reliable and cost-effective connectivity, even for enormous networks. The use of virtualization hooks IoT sensors with entry routes and gateways to eliminate the need to constantly reconfigure the system each time a device or service is added.
The IoT is a technological marvel, but it requires a powerful support solution from device sensor to gateway and beyond. SD-WAN is that solution.
Millenials are now the single largest group in the American workforce – that’s more than 55 million working people who have never known a world without the Internet. As a group, they are ready and willing to work long, and even irregular, hours – but in exchange for that they expect a certain amount of freedom and mobility.
Employees want to be mobile, and companies can benefit from providing that ability. A robust and workable mobile workplace solution can be extremely complicated to set up and run, and there is great potential for less than stellar results. Unified communications (UC) is an integral piece of the mobile puzzle and can make all the difference in successful implementation.
One of the biggest weaknesses of non-UC mobile solutions is that they depend on devices that are often out of the control of IT. UC, by comparison, allows an employee on the go to securely access the communications system from almost any connected device.
One of the often under-appreciated features of a UC system is “presence” functionality. Ranging in complexity from simple, self-selected availability statuses to signals automatically calculated by the communications system itself, this function allows workers to determine the availability of anyone on the network and avoid interrupting them unnecessarily.
Seeing Is Believing
One of the major drawbacks of traditional telecommuting is that, no matter how much employees attempt to stay connected to the office, they tend to be left out of the loop from time to time. UC‘s robust video conferencing capabilities allow mobile employees to virtually present from any location.
With the ability to seamlessly switch between numerous communications channels at will, the medium no longer gets in the way of the message. Employees can jump from text, to voice, to video as the demands of the conversation dictate.
Find and Follow
Mobile employees tend not to follow the strict work/break schedules of their office-bound brethren. This can make it difficult to synchronize between mobile and non-mobile employees.
Find me/follow me functionality makes it possible for calls to a particular employee to be automatically routed to the device that employee is using, to bounce from device to device until a connection is made, or to be routed to another employee if the original recipient is unavailable.
The Internet made mobile work possible. UC is the missing puzzle piece that makes a mobile workforce workable.
Nearly everyone in the IT field has awareness of software-defined networking (SDN), but is likely unfamiliar with how it works or what it means to a company’s technology division. SDN appears to have staying power due to its many advantages, and it is important to have a good understanding of this powerful tool.
Explained simply, SDN is a way of centrally controlling network devices programmatically while decoupling the control of devices from the actual forwarding systems. Early SDN has now evolved into software-defined data centers (SDDC), since cloud data centers now manage most network devices using this method.
It’s useful to have an awareness of network functions virtualization (NFV), a current movement of managing network nodes in a similar manner. This is used mainly with load balancers, wide area network (WAN) accelerators, firewalls, routers, and intrusion detection equipment.
SDN vs. NFV
SDN and NFV are conceptually similar technologies but focus on different aspects of a network. SDN is ultimately concerned with routing traffic and data flow through the system as efficiently and reliably as possible by separating the management of devices from those responsible for forwarding traffic (data).
In contrast, NFV’s focus is on the network functions themselves. SDN would redirect traffic if part of the network was down or sluggish, whereas NFV would be used if a firewall needed to be reconfigured or moved to handle more capacity.
Using a centralized method of managing network devices is beneficial for systems with many devices. Large, complex networks become much easier to handle without constant supervision or intervention.
In addition, vendor-managed devices can be swapped out in favor of unmanaged switches. These are often far less expensive to acquire and the company can perform the management internally instead of outsourcing the task. In fact, a requirement of an SDN-designated product is that it must be vendor-neutral, per the governing body Open Networking Foundation.
Driving Forces Supporting SDN Expansion
A number of trends have blossomed over the last few years to prompt the use of SDN in tech. The following are worth mentioning, but would be highly difficult for traditional network and hardware management techniques to effectively handle.
- Data, application, and security management are moving to the cloud and data centers are used to manage this move.
- Agility is a necessity, and traditionally controlled devices do not allow such quick recovery or redirection to take place.
- Geographically distributed databases may live in public or private cloud, are spread across the world, and are accessed by a growing number of users.
- Big data is everywhere and must be available from anywhere in the world without latency.
- BYOD and the Internet of Things (IoT) are growing, and everything and everyone is connected.
Technology is all about evolution, and SDN is a tool that was designed as a result of this evolution. Networks must be scalable and supportable to any size. Businesses do not want to be tied to vendor-managed hardware, nor can they be patient with the delays or outages that are commonly seen as traditional systems fail to handle burgeoning traffic.
SDN is a necessary tool that exists to help with large systems and exploding data. Through the use of this powerful mechanism, networks become far more governable, reliable, and expandable to meet the needs of the business.
As the use of and dependence upon technology grows, network attacks have become more sophisticated. Indeed, perimeter defenses like firewalls and antivirus, no matter how layered, offer little protection against savvy cyber criminals intent on breaching network security. Anticipating an attack has become an inevitability for most companies. Building an effective disaster recovery (DR) strategy is necessary for operating securely in today’s connected marketplace.
An effective DR solution includes comprehensive risk management policies and incident response performances that are designed to mitigate the severity of an attack. By examining some common incident response failures, companies can better orchestrate their DR policies and meet the security challenges of tomorrow.
Poor Network Visibility
Without a clear understanding of the current IT environment, it’s impossible to adequately prepare a DR plan. The most important aspect of security involves knowing exactly what traffic is moving through the business network, where it originated, and which hardware it contacts. Without complete visibility, there’s no way to respond to possible threats.
Many DR plans call for the immediate isolation of an affected machine. However, unless the business is able to clearly identify lateral movement within the network, an eventual data breach could be forthcoming.
In order to proactively prevent an attack from escalating, companies must deploy web proxies and advanced firewalls that are designed to log, collect, analyze, and store interactions. Essentially, these technologies create an audit trail that can be utilized to address the threat and provide long-term actionable information.
Companies need a dedicated IT staff of experienced, competent personnel who can interpret and identify the information generated by these technologies. The advantage of employing IT professionals who understand the specific business network intimately is significant. Disaster response personnel should be able to communicate appropriate incident responses with each business department while keeping their attention solely dedicated to DR.
In many cases, an underfunded DR plan isn’t the result of a lack of available funding; it’s due to a lack of communication. DR personnel must be able to express their needs in a way that is relevant to the business’s success and profitability, stressing statistical information concerning repercussions created by a massive data breach (including both tangible and intangible consequences).
A business should develop standard IT security reports that can be delivered to various department managers and executives. These reports should include areas that are satisfactory as well as those that represent serious gaps in security that need to be addressed.
Comprehensive Risk Assessment
Any DR plan should address critical aspects first. The best way to ascertain specific business risks is to generate a comprehensive risk assessment and then use it to orchestrate explicit incident response levels. Companies should tailor responder access in relation to the risk management assessment so that key personnel have the ability to make infrastructure alterations without having to wait for authorization.
Companies can improve their DR performances by examining previous incident responses and equipping their internal IT support with the tools required to mitigate threats. Moreover, conducting a complete incident investigation in the wake of a disaster often helps illuminate gaps and provide key intelligence for future responses.