Over the years, we’ve seen technology shift from the beginnings of the Internet to IP telephony, pervasive video and desktop virtualization, and more recently we’ve witnessed the explosion of mobile devices. Not only has this impacted our personal lives, but it has also drastically altered how we work. And with so many new devices now entering the workplace, businesses must have a proper BYOD policy in place. So how do you find the happy medium that provides a BYOD experience to users that balances security and flexibility, while avoiding a management nightmare and controlling costs?
An effective BYOD policy must allow users to experience the benefits of personal technology in the workplace through efficiency and productivity gains, mobility and an overall improved work experience. However, these benefits need to conform to information retention and security policies, administrative overhead and even legal compliance. Of course, like most technology projects, the benefits need to produce an ROI that matches overarching business goals, whether it be to improve customer service, create a more collaborative environment, or increase productivity and employee satisfaction.
To do this, executives must first understand the access employees need on their personal devices in order to work efficiently and not be hindered by connectivity issues. With the ongoing migration to Web and cloud-based applications, this is increasingly simplified. The BYOD policy may only need to consist of allowing connectivity to a handful of Web servers and Internet access. Many organizations need only to provide connectivity similar to what is already provided for guests. A wireless controller can be placed in the DMZ and used as an anchor for BYOD and guest clients, which makes for a very simple and secure deployment. Some environments may provide this type of access as a quick way for employees to gain access to the Internet on any device that may not need access to corporate resources.
Image via Shutterstock
IT staff can also provide access to internal resources for users that can meet the requirements set out by the policy; for example, having a certificate installed on their machine, having an active directory credentials or even conforming to a posture assessment to verify things like the OS being up-to-date, antivirus software being installed and updated, as well as a slew of other possible metrics. Some solutions can go so far as to allow IT staff to build out and enforce the policies set forth by the organization. For example, network access can be provided based on who the user is, the type of device, applications installed and other factors. In lieu of more sophisticated solutions like this, existing VPN solutions can be reused to provide connectivity onto the corporate network with RADIUS servers providing some of the more basic security enforcement of certificates and AD credentials forgoing more granular control.
It’s worth mentioning that the advent of virtual desktop solves many of the challenges impeding BYOD. Many organizations today are evaluating VDI solutions in one way or another. In addition to management simplification, the more prominent benefits revolve around data protection and mobility. Virtual desktop environments allow BYOD policies to be as simple as providing users with secure connectivity to a connection broker which gives users access to a fully functional desktop with access to all of the resources they would have at their desk from any device.
The lines of devices are blurring quickly, we now have tablets that run phone and video apps, phones with USB and HDMI ports that serve as VDI clients and now the ability to virtually partition smart phones and tablets to separate personal and professional use on the same device – meaning it’s now the time to implement a BYOD policy that allows you to better reap these technologies’ many benefits.
This week's ITEXPO Las Vegas will include a number of sessions discussing topics related to BYOD security, trends, and more.
About the Author
Jason is a Solutions Architect at Annese & Associates, Inc. and has been with the company for three years. Throughout his career, he’s worked as a network architect focused on helping organizations understand technology solutions to meet business applications. Jason’s primary knowledge area is on wireless and data center solutions.
Edited by Alisen Downey