Staying abreast of mobile trends and developments is one of the most important parts of being a remote access VPN solution provider. As our devoted followers know, we’ve regularly followed and offered commentary on the most talked about trends in the security world, especially BYOD.
In a recent CIO article, Tom Kaneshige highlights five major BYOD pitfalls and describes how to avoid them. While we were mostly in agreement, we did have some additional thoughts of our own.
1. An ‘Open Door’ Attitude Towards Apps
Being too lenient with the types of apps CIOs allow employees to have (and even expense!) on their devices is a recipe for disaster. While the article highlights recreational apps, such as Angry Birds, it’s important to remember that Web browsers are applications, too. The Web is one of the most susceptible entry points for malware, and if enterprise security is not up-to-speed, sensitive corporate information is almost immediately at risk of being accessed and/or damaged. There are a couple of different ways to tackle this problem. The first method is to only allow employees to access the corporate network via an IPsec VPN. This will ensure that the network is protected even if the browser is compromised. SSL VPNs are the second option; they can be configured on an app-specific basis by administrators, and access can be revoked immediately.
2. Playing the Role of Big Brother
Another way that CIOs try to tackle the aforementioned application problem is through a technique called Geofencing. Essentially, a virtual perimeter is created that allows employees to have certain applications on their phone, but prohibits their use while they’re at work. The catch to this technique is that CIOs need to be able to monitor employees’ devices in order to protect sensitive information, and traditionally, this has been accomplished by activating the location services of their employees’ tablets and smartphones. Alternatively, VPNs can be implemented to ensure secure remote access and employee privacy. VPNs allow employees to securely connect to corporate networks regardless of their location, eliminating the need for location tracking.
3. Ignoring Usage Tracking
This one is rather straightforward. Suffice it to say, if things such as talk, text, data and roaming are not adequately tracked, CIOs are in for an unpleasant surprise when they see their bills.
4. Allowing Rogue BYOD Phones and Tablets
Sadly, as we’ve stressed in the past, there is no perfect solution for a BYOD policy. For example, granting an unlocked iPhone access to the corporate network does satisfy employee requests, but it also raises concern about the overall security of sensitive information. Tom’s suggestion, one that we agree with, is to support the popular consumer devices and operating systems, with products such as NCP’s Secure Enterprise Client for Android, and figure out others as they are introduced to the market. Taking it a step further, a centrally managed VPN can actually prevent people from accessing information that they shouldn’t be trying to access in the first place.
5. Giving BYOD Policies Short Shift
At the risk of beating a dead horse, we must once again stress the importance of implementing a comprehensive BYOD policy and communicating that policy to employees. Having a detailed BYOD policy means nothing if employees aren’t aware of it. Creating an organizational culture where everyone follows network security best practices can prevent workers from exposing the network to risk in the first place.
Are there other pitfalls that you’ve encountered? Please let us know in the comments!