Intelligent CIO Middle East Issue 23 - Page 110

FINAL WORD

“THE CONTINUED RISE OF BYOD IS INEVITABLE, AND FEW CORPORATE LEADERS WILL PASS UP THE PRODUCTIVITY GAINS OF A MOBILE WORKFORCE THAT PAYS FOR THEIR OWN DEVICES.”

2. Use profiling to create device categories

Accurately profiled devices should be a cornerstone of your plan when rolling out a secure BYOD initiative. As BYOD permeates your environment, not all users will be diligent about downloading the latest versions of the operating system. You’ll want to capture context that allows you to see who is running which versions of iOS, Android, Chrome and other operating systems. As new releases become available, this data will give you the visibility to help identify why authentications may be failing, the types of devices that are experiencing issues, and more. An understanding of location can also help determine if a problem is specific to Wi-Fi equipment if the enterprise is operating a multivendor environment.

3. Use context within policies

It’s important to leverage multiple sources of context to manage access. Data can consist of user role, device profiling and location, and once a certificate is issued to a specific user’s device, the assumption is that it’s a BYOD. Doing this greatly enhances productivity, usability and security. By enabling the use of known data you can stop users from coming up with ways to bypass policies.

The use of device categories should also be explored. The idea is to again leverage context to enforce privileges across a large category of devices. All BYOD endpoints connecting over a VPN can be treated differently compared to when they are connected in the office. Printers can be managed differently than game consoles or Apple TVs.

4. Manage mobile app use

Enterprises need to define and enforce policies that dictate who can access specific types of data from which devices, with the ability to differentiate between smartphones, tablets, laptops or IoT devices. To be effective, enforcement must extend across MDM/EMM, a policy management platform, and firewalls.

5. Automate and simplify

Automation is essential both for initial onboarding and for taking action on non-compliant devices (for example, quarantining them until they are compliant). MDM/EMM solutions should share device posture with a NAC solution to ensure that devices meet compliance before being given access. Integrating with helpdesk applications and SIEM can provide an enhanced experience for the user and IT for improved problem resolution.

“SECURITY FOR BRING YOUR OWN DEVICE AND MOBILE MUST NOW BE PART OF A LARGER CONVERSATION WHEN SECURING THE NETWORK FOR THE NEW DIGITAL WORKPLACE.”
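
The context-based decisions described in sections 3 to 5, sketched as an added example (not from the article or any vendor product): a first-match policy function that combines user role, profiled device category, OS version, location, the onboarding certificate and MDM/EMM posture. All profile names, roles, field names and minimum versions are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

# All profile names, roles and minimum versions below are constructed for illustration.
MIN_OS = {"ios": (17, 0), "android": (14, 0), "chrome": (120, 0)}
HEADLESS = {"printer": "print-services-only", "game_console": "internet-only",
            "apple_tv": "media-only"}

@dataclass
class Context:
    user_role: Optional[str]              # identity store; None for headless devices
    category: str                         # from device profiling
    os: Optional[str] = None
    os_version: Optional[Tuple[int, int]] = None
    location: str = "office"              # "office" or "vpn"
    has_byod_cert: bool = False           # certificate issued at onboarding
    mdm_compliant: Optional[bool] = None  # posture shared by MDM/EMM

def decide(ctx: Context) -> Tuple[str, str]:
    """Return (access profile, reason); the first matching rule wins."""
    if ctx.category in HEADLESS:
        return HEADLESS[ctx.category], "headless device category"
    if not ctx.has_byod_cert:
        return "onboarding-portal", "no device certificate"
    if ctx.mdm_compliant is not True:
        return "quarantine", "MDM posture missing or non-compliant"
    minimum = MIN_OS.get(ctx.os or "")
    if minimum is None or ctx.os_version is None or ctx.os_version < minimum:
        return "quarantine", "OS unknown or below minimum version"
    if ctx.location == "vpn":
        return "byod-vpn", "compliant BYOD over VPN"
    if ctx.user_role == "finance" and ctx.category != "laptop":
        return "byod-office-no-finance", "role data limited to laptops"
    return "byod-office", "compliant BYOD in the office"

SAMPLES = [  # constructed contexts
    Context("finance", "smartphone", "ios", (17, 2), "office", True, True),
    Context("engineer", "tablet", "android", (13, 0), "office", True, True),
    Context("engineer", "laptop", "chrome", (121, 0), "vpn", True, True),
    Context(None, "printer"),
    Context("sales", "smartphone", "android", (14, 1), "office", True, False),
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s.category, s.location, "->", *decide(s))
```

The quarantine checks sit before the location and role rules, so a device with missing or failing posture never reaches a profile that grants data access.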