Top

BYOD and wearables: Managing security pitfalls

The goal of any organization generally revolves around keeping the workers productive

Enterprises the world over are embracing workplace flexibility where employees are moving away from a PC-only model to a more diverse approach that embraces multiple devices running on a variety of platforms. With 468 million smartphones and 70 million tablets expected to sell this year alone, organizations can no longer afford to ignore the tide of consumer devices that employees are already using to get their work done. Indeed, according to a recent survey of office workers, 37 per cent respondents agreed that they already use consumer technologies for work without company permission.

Protecting Corporate Networks

The increasing number of personal devices used nowadays to access the corporate data and enterprise applications, not only exposes the corporate data to potential threats but also affects the overall productivity of any organization. The goal of any organization generally revolves around keeping the workers productive while reducing the complexity and the network security threats as much as possible.

There are multiple ways in which an organization can enable the productivity while protecting the corporate networks from the potential known and unknown threats:

1. There should be a clear understanding on which applications the workers need the access to, and there should be a precise plan chalked out for the entire year in advance.

2. The second most crucial step is to regulate whether the corporate applications and resources to which mobile users want access to are - web-based, client/server-based or host-based, or are they looking for access to back-connect applications like VoIP or VDI?

3. The next step ensuring worker productivity and security within the organization is to consider which devices workers will use to access applications and resources.

4. Finally, deploying layered security to protect from hidden malware, so that users and their device accessing the corporate network are trusted.

Wearable Technology – Pitfalls

There has been a recent push in the way of wearable technology, with analysts estimating the number of wearable devices in India to touch 200 million in four years, about a fifth of the current mobile subscriber base (850 million), estimated to cross a billion by then.

As part of the enterprise mobility trend to encourage employees to work out of the office on mobile devices and cloud services, wearables are being integrated into businesses as well as for personal uses.

While these wearable devices unquestionably enhance mobility and convenience, they also bring in an enormous range of security risks with their ability to store and transfer data. The risks of BYOD (bring your own device) are also being magnified, due to more devices accessing the same network.

One of the biggest proposed risks is the fact that wearables are Bluetooth-enabled, to allow the convenient transfer of data between devices. The fear is therefore that unwanted devices may be able to connect via Bluetooth and receive sensitive information, which may be damaging to the enterprise if leaked.

Managing the Mobile

Enterprises need to prepare for an increased data flow from a plethora of devices due to more complex connections involving a larger number of mobile devices.

The key to success managing a mobile IT environment is to consider the regulatory requirements for securing data at the highest priority while developing an organization’s mobile security strategy. The IT should enforce the multiple level protections including device password lock, on-device data encryption, and possibly require secure containers to separate corporate data and applications from personal apps and data stored on the device.

Progressively, today all the traffic going over the network is encrypted, so businesses need to not only be able to inspect traffic that is unencrypted, but also to de-crypt the encrypted traffic.

The potential for that lost phone to be used as a channel to hack into the network should be treated critically and every organization’s most important goal should be to protect the back-end applications and data. Organizations must consider the business needs, and the needs of its mobile workforce, while ensuring that corporate data is not compromised.

Contributed by:

Amit Singh Country Manager, Dell SonicWALL, India

( Source : dc )
Next Story