Managing the threat of BYOD and flexible working
Joakim Sundberg runs through his view on mobility threat prevention
Very real security threats can be introduced by flexible working policies and unrestrained BYOD, and then there are the productivity issues. However, these are not threats that are insurmountable and there are benefits to be enjoyed by businesses that can contain the risks.
To deal with the threats inherent in remote and flexible working, it is vital to have a contextually aware network. By this I mean one which can identify the source of traffic by location, type of device and authentication, and then make intelligent decisions based on this information.
Say your customer's chief exec is trying to access files from the server on his or her personal laptop. If the correct security software is installed and network access is secure, then fine, but if there is a question over the security of the connection or the device, the network could intelligently deliver read-only access to the files needed.
Preventing any unwanted intrusion attempts while allowing the chief exec to use the IT resources he or she expects to be available is a win-win. The network is secure and he or she can work unimpeded.
BYOD is a slightly different matter. A contextually aware network will help deliver appropriate content types to a mobile device – for example, delivering lower-resolution images to improve load times on mobile web apps – but the security implications of having personal and corporate information housed on the same device are still there.
I know very few people who are happy to have their personal communications and files monitored by their company, but this is frequently the approach taken with the current generation of mobile device management tools.
It is far better to separate the business apps and files from the personal ones. This can be achieved by management at the application rather than the device level or, as we call it, BYOD 2.0.
Mobile application management adds a layer of control to only those applications used for business purposes, encrypting data and making sure that only secure connections are used to transmit it.
Joakim Sundberg is worldwide security solution architect at F5 Networks