The rise of Bring Your Own Device (BYOD), driven by its business benefits, poses a severe challenge for IT security professionals. Enterprises have come to taste the advantages of this policy in several areas: employee satisfaction, increased productivity and cost savings on devices provided to employees. These benefits have induced enterprises to encourage BYOD among their employees. However, it is not without implications, and security is the major issue.
Along with BYOD, the industry is also experiencing rapid growth in the Internet of Things (IoT) and Wear Your Own Device (WYOD) concepts. All these advances put a strain on the IT web security administrators who have to secure the enterprise from malicious attacks. They must give high importance to network security, because mobile, BYOD and WYOD devices all connect to enterprise resources through the network.
Steps to Ensure Network Security
A secure Mobile Device Management (MDM) system must be put in place to manage the different devices. In large enterprises it makes managing the security of the devices easier. MDM enables monitoring of mobile devices, and also disabling, wiping or locking down lost or stolen devices. This is important because devices could get lost or stolen for reasons such as corporate espionage, and corporate data should not fall into the hands of unauthorized users.
Enterprises must define and follow a structured network segmentation strategy to mitigate the risk from malware threats. One possible setup is a secure limited access network, a private intranet network and a public network. High security must be specified for the limited access network, which should admit only authorized devices. The public network could allow unauthorized, public users to access the enterprise websites.
The enterprise must put in place a robust and effective endpoint security system to protect the enterprise core as well as all the devices that access the network. The different types of devices (smartphones, laptops, tablets, wearable devices, etc.) must all be protected with endpoint security.
Users must not be allowed to use multiple access points. Policies should be strictly defined so that a user can access the enterprise network only through a single access point, even if the user has to, or is allowed to, access the enterprise network through multiple devices. An identity and access management solution could help implement these security policies.
Another security measure is to implement Single Sign-On and define profiles for specific groups of users, so that they have access only to the network areas and data that they should have access to.
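The steps above can be combined into a single admission decision, sketched here as an added example that is not part of the original article. The group names, device fields, access point names and sample devices are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

# Segments follow the three-network layout described above.
LIMITED, INTRANET, PUBLIC = "limited-access", "intranet", "public"

# Hypothetical group profiles: the segment each user group is allowed to reach.
GROUP_PROFILES = {"finance": LIMITED, "staff": INTRANET, "contractor": INTRANET}

@dataclass(frozen=True)
class Device:
    device_id: str
    user: str
    group: str
    mdm_enrolled: bool        # managed by MDM, so it can be locked or wiped
    endpoint_agent_ok: bool   # endpoint security installed and healthy
    reported_lost: bool = False

class AdmissionController:
    """Places a connecting device in a segment, or denies it (segment None)."""
    def __init__(self):
        self._user_ap = {}  # user -> the single access point that user is bound to

    def admit(self, dev, access_point):
        """Return (segment, reason) for one connection attempt."""
        if dev.reported_lost:
            return None, "reported lost or stolen: deny and lock/wipe via MDM"
        if not (dev.mdm_enrolled and dev.endpoint_agent_ok):
            return PUBLIC, "unmanaged or unprotected device: public network only"
        # One access point per user, regardless of how many devices they own.
        bound = self._user_ap.setdefault(dev.user, access_point)
        if bound != access_point:
            return PUBLIC, f"user already bound to access point {bound}"
        # Unknown groups fall back to the public network (least privilege).
        return GROUP_PROFILES.get(dev.group, PUBLIC), f"group profile '{dev.group}'"

def demo():
    """Run constructed sample devices through the policy; return the segments."""
    ac = AdmissionController()
    laptop = Device("lt-01", "alice", "finance", True, True)
    phone = Device("ph-07", "alice", "finance", True, True)
    watch = Device("wt-03", "bob", "staff", False, True)   # not MDM-enrolled
    lost = Device("ph-09", "carol", "staff", True, True, reported_lost=True)
    attempts = [(laptop, "ap-hq-1"), (phone, "ap-hq-1"),
                (phone, "ap-branch-2"), (watch, "ap-hq-1"), (lost, "ap-hq-1")]
    return [ac.admit(dev, ap)[0] for dev, ap in attempts]

if __name__ == "__main__":
    print(demo())
```

The same user's second device is admitted through the access point the user is already bound to, but the same device arriving through a different access point is kept out of the enterprise segments.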