It doesn’t matter if you call it the Consumerization of IT, or the Bring Your Own Device (BYOD), era. The availability of smartphones, tablets, and other offerings is increasing at an incredible rate, as well as their usage. There is no better time to examine the risks and opportunities presented by BYOD, given all the challenges IT departments face. These 12 areas are worth careful consideration.
Security is the first consideration for most businesses considering BYOD. The importance of details will quickly change after that initial reaction. Securing your mobile device can be important for many reasons.
Unauthorized users of authorized devices cannot gain access to the enterprise network.
Protect sensitive enterprise data stored on the mobile device from unauthorized access
Antimalware protection for the mobile device and the enterprise network.
Protecting the user’s personal data from unauthorized access
These and other reasons are why you should consider the following steps:
You must establish a strong password policy for your device. This includes at least eight characters, a 90-day change rule, lockout after five failed attempts, and lockout after five failed attempts.
You must specify that “jailbroken” devices are not allowed to access enterprise networks.
You can secure the enterprise network without the need to use mobile devices.
You can protect your enterprise data by keeping it within the enterprise and displaying it on mobile devices using Virtual Desktop Interface (VDI).
Turn off Bluetooth
Limit ad-hoc network access to employees of the enterprise
Different access procedures can be created for different user groups, such as Executive, Executive, IT, Sales, Service, or Employee.
Apply same-day deauthorization upon user’s departure.
Monitor every authorized mobile device’s communication to the enterprise, including the user’s authorized server(s), device position, and application(s).
Create a quick reporting procedure for lost and stolen devices.
Allow guest access by introducing a Proxy Server.
When away from the enterprise network infrastructure, it is necessary that each user has access to enterprise networks using 3G/4G and Virtual Private Network (VPN).
Many users today carry multiple mobile devices such as a smartphone, a netbook and a notebook. One user will have several of these mobile devices. The enterprise will have the same make and model of mobile devices. Prior to granting access the enterprise network, it is important to make a list of all devices that are being requested.
Every mobile device has seen many changes to its operating system or other specifications over the years that it has been on the marketplace. Consider adding the following items to your enterprise network inventory when adding devices:
Model and make
Wi-Fi versions are supported
Cellular access (3G,4G, or both)
Access via wire
After adding the mobile devices into an inventory and deciding which ones are eligible to access enterprise network, there must be a registration process. Although the enterprise IT department may decide to develop the software internally, most users will prefer to use an MDM package to assist with this process.
Guests will be able to register faster and have more restricted access because they won’t have the inventory section. Many organizations will require guests to sign an Acceptable Use Policy (AUP), which will grant them access to a designated wireless network (WLAN). All traffic will be directed to a proxy server to limit bandwidth and access.
The procedure will require that the inventory information be used and that the remaining users follow the steps to allow them to complete the tasks necessary to access the data. These steps include: