FINAL WORD
“THE CONTINUED RISE OF BYOD IS INEVITABLE, AND FEW CORPORATE LEADERS WILL PASS UP THE PRODUCTIVITY GAINS OF A MOBILE WORKFORCE THAT PAYS FOR THEIR OWN DEVICES.”
2. Use profiling to create device categories
Accurately profiled devices should be a cornerstone of your plan when rolling out a secure BYOD initiative. As BYOD spreads through your environment, not all users will be diligent about downloading the latest versions of the operating system. You’ll want to capture context that allows you to see who is running which versions of iOS, Android, Chrome and other operating systems.
As new releases become available, this data will give you the visibility to help identify why authentications may be failing, the types of devices that are experiencing issues, and more.
An understanding of location can also help determine if a problem is specific to Wi-Fi equipment if the enterprise is operating a multivendor environment.
3. Use context within policies
It’s important to leverage multiple sources of context to manage access. Data can consist of user role, device profiling and location; and once a certificate is issued to a specific user’s device, the assumption is that it’s a BYOD device. Doing this greatly enhances productivity, usability and security. By enabling the use of known data you can stop users from coming up with ways to bypass policies.
The use of device categories should also be explored. The idea is to again leverage context to enforce privileges across a large category of devices. All BYOD endpoints connecting over a VPN can be treated differently compared to when they are connected in the office. Printers can be managed differently than game consoles or Apple TVs.
4. Manage mobile app use
Enterprises need to define and enforce policies that dictate who can access specific types of data from which devices, with the ability to differentiate between smartphones, tablets, laptops or IoT devices. To be effective, enforcement must extend across MDM/EMM, a policy management platform, and firewalls.
5. Automate and simplify
Automation is essential both for initial onboarding and for taking action on non-compliant devices (for example, quarantining them until they are compliant). MDM/EMM solutions should share device posture with a NAC solution to ensure that devices are compliant before being given access. Integrating with helpdesk applications and SIEM can provide an enhanced experience for the user and IT, with improved problem resolution.
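An added example, not from the article or any vendor's product: a small policy decision function that combines the context sources described in sections 2 to 5 (profiled category and OS version, user role, certificate, VPN versus office, MDM/EMM posture) and quarantines non-compliant devices. The role names, minimum OS versions and category table are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Constructed values for illustration (not from the article).
MIN_OS = {"ios": (17, 0), "android": (14, 0), "chromeos": (120, 0)}
CATEGORY_ROLE = {"printer": "print-vlan", "apple-tv": "media-vlan",
                 "game-console": "guest-internet-only"}

@dataclass
class Context:
    user_role: str        # "employee", "contractor", or "" for headless devices
    category: str         # profiler output: "smartphone", "tablet", "printer", ...
    platform: str         # "ios", "android", "chromeos", or ""
    os_version: tuple     # (major, minor) captured by profiling
    has_user_cert: bool   # certificate issued to this user's device => BYOD
    via_vpn: bool         # location context: VPN vs. in the office
    mdm_compliant: bool   # posture shared by MDM/EMM with the NAC

def decide(ctx):
    """Return (network_role, reason) for one authentication attempt."""
    # Category-wide policy for devices that have no user behind them.
    if ctx.category in CATEGORY_ROLE:
        return CATEGORY_ROLE[ctx.category], "category policy"
    # Without a user certificate the device was never onboarded as BYOD.
    if not ctx.has_user_cert:
        return "guest-internet-only", "no user certificate"
    # Fail closed: unknown platforms and outdated OS versions are quarantined.
    minimum = MIN_OS.get(ctx.platform)
    if minimum is None or tuple(ctx.os_version) < minimum:
        return "quarantine", "OS unknown or below minimum"
    if not ctx.mdm_compliant:
        return "quarantine", "MDM/EMM reports non-compliant posture"
    # Same device, different privileges depending on where it connects from.
    if ctx.via_vpn:
        return "byod-remote", "compliant BYOD over VPN"
    if ctx.user_role == "employee":
        return "byod-office", "compliant employee BYOD in office"
    return "byod-office-limited", "compliant non-employee BYOD in office"

if __name__ == "__main__":
    # Constructed authentication attempts.
    attempts = [
        Context("employee", "smartphone", "ios", (17, 2), True, False, True),
        Context("employee", "smartphone", "ios", (16, 5), True, False, True),
        Context("employee", "tablet", "android", (14, 0), True, True, True),
        Context("", "printer", "", (0, 0), False, False, False),
    ]
    for a in attempts:
        print(a.category, a.platform, a.os_version, "->", *decide(a))
```

Logging the returned reason alongside the profiled platform and version gives the visibility into failing authentications that section 2 asks for.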
“SECURITY FOR BRING YOUR OWN DEVICE AND MOBILE MUST NOW BE PART OF A LARGER CONVERSATION WHEN SECURING THE NETWORK FOR THE NEW DIGITAL WORKPLACE.”
www.intelligentcio.com