VPNs and Common-Sense Policies Make BYOD Safer
by VPNHaus | 04/12/2013 | Industry Commentary, IT policy, Mobile, VPN
By Patrick Oliver Graf, General Manager, NCP engineering
Mobility and bring-your-own-device (BYOD) programs have become staples of today’s workforce. For employees, the ability to use their own personal smartphones, tablets and laptops provides a measure of comfort and convenience. For their employers, it can reduce IT hardware costs and increase productivity by allowing individuals to use devices familiar to them. It’s a win-win.
BYOD also has the added bonus of enabling companies to build custom mobile applications designed for specific business tasks. However, one drawback is that each mobile operating system comes with its own architecture and security concerns. Any company that embraces BYOD and mobile technologies must account for the different platforms its employees use to complete work-related functions.
Aligning Consumer Desires and Business Needs
Most of the personal devices people bring into the workplace are designed and marketed with consumers in mind, not businesses. So how do you reconcile the consumer desires of convenience and style with the functionality and security businesses require?
The goal is to allow authorized users to access and transmit sensitive data by way of a secure tunnel that unauthorized third parties cannot intercept. VPNs do exactly that. However, not all VPNs are alike. IT administrators benefit greatly from versatile solutions that enable them to manage VPN security settings on the various end devices used by their workforces. This offers the flexibility needed to address specific issues that require technical support, and roll out patches on whatever scale may be needed, whether it’s for one device or 100. It also makes it easier to offer support to individual employees who encounter any IT-related problems on their mobile devices.
The best VPNs will also provide additional security features, such as a personal dynamic firewall that automatically adapts security settings to any network environment. This ensures that otherwise vulnerable remote access points, like public Wi-Fi networks, can be used without compromising the company network.
Security is Never Foolproof
Letting employees use their personal mobile devices for work certainly has its benefits, but as we have shown, there are also security considerations that should not be ignored. VPNs are a big part of the solution, but not the whole answer. They need to be incorporated into company-wide BYOD policies that govern how, where and when sensitive information is accessed.
If a hacker infiltrates an employee’s tablet or smartphone, for example, they could gain access to the secure VPN tunnel and walk right through the virtual front doors. From there, they could do untold amounts of damage.
With this in mind, here are a few tips that every organization should follow when designing BYOD policies:
- Compile a list of devices that are authorized to be used for work-related functions. This list should be based on the most up-to-date information on device security settings and flaws, and employees should only be able to access the corporate network using devices from this list.
- Compile a list of operating systems that employees are allowed to use when accessing company IT assets. This should include the various versions of each operating system, as they are regularly updated.
- Restrict the downloading of specific applications known to contain malware, insufficient security protocols or other vulnerabilities.
- Require all data stored on a mobile device’s internal memory to be encrypted in the event that it is lost or stolen.
- Deploy mobile device management (MDM) solutions that allow IT departments to roll out security updates and patches, configure security settings and initiate remote data wipes in case a device is lost or stolen.
By combining these steps with a robust VPN solution, companies and their employees can enjoy the convenience, productivity and cost-savings of BYOD without placing critical data at risk.