Sunday, September 16, 2012

The BYOD conundrum – the fear, the inevitable embrace of it, and the more critical inevitability: monitoring it

In organizations large and small, devices such as iPads (popularly known in the industry as BYOD, or Bring Your Own Device) are in widespread use, whether or not they are allowed on the corporate network. People have figured out how to create a shadow IT environment in their workplace to get their own devices onto the network. The ease of use and sheer portability of these devices, coupled with the lure of free, fast and unmetered internet connectivity at the office, make the presence of employee-owned tablets and smartphones on the corporate LAN a practical inevitability.

A Gartner report (June 2012) says “the bring your own device (BYOD) trend is here to stay, so enterprises need to bolster security policies. The bring your own device trend has created new opportunities for businesses looking to increase productivity from mobile employees and remote offices, but security remains a top concern for IT departments in the enterprise”. Gartner also says that “we found 86 percent of enterprise respondents are planning to purchase media tablets like an Apple iPad this year”.

Unfortunately, BYOD comes with its security risks. Some of them worth mentioning are:
  • Employee-owned devices infecting the network and exposing the organization to the threat of cyber-attack from the inside out
  • Employees downloading sensitive corporate data to their devices, exposing it to leakage when they take the devices off the corporate network
  • Employees using these devices to stream film and video at work, clogging up the network in the process
  • Employees using applications that have not been tested for security threats, giving intruders an easy way into the corporate network

These are just a few.

BYOD also brings rampant use of insecure cloud services like Dropbox. Sixty-six percent of respondents said that they or their companies used some service like Dropbox to store their data. These commercial cloud storage and backup providers can present security risks to corporate data, since the data is in the hands of a third party. Even when cloud repositories are encrypted, it is often that third party, not its customers, who holds the encryption keys.

According to the Gartner survey, the top security issues included the use of privately owned devices and the deployment of new enterprise mobile platforms. Gartner recommended focusing on mobile data protection (MDP), network access control (NAC), and mobile device management (MDM) tools. Survey results also indicate that enterprises are providing support for BYOD programs, offering technical support for 32 percent of smartphones, 37 percent of tablets and 44 percent of laptops.

But another survey, by MokaFive, shows a clear message across organizations and across the globe: BYOD is here to stay, like it or not. Eighty-eight percent of respondents said their companies had some form of BYOD, whether sanctioned or not. Speaking specifically of MDM, they also said that it is too intrusive and that they would not want to install it on their devices even if their employer enforces it. 77 percent of respondents had strong negative words to describe their feelings about the use of the software (MDM), including “I don’t care for it,” “Violated!” and “Not acceptable.”

Trying to stop BYOD usage through some form of policy, or by installing an intrusive client on the devices, is like trying to stop the rain. One can certainly try, but the end result is inevitable. People who bring their own devices are really smart people (most of them :)) and they know how to make their devices connect to the corporate network. People are bringing their devices to work for various purposes and will continue to do so.

"Healthy growth in smartphone and media tablet shipments over the next five years will enable a much higher level of IT consumerization than is currently possible," Chae-Gi Lee, research director at Gartner, said in a prepared statement. "Enterprises should recognize this and look to 'mobile enable' their IT infrastructure for employees to meet the growing demand for mobile device use in the enterprise IT environment."

So it is better for forward-thinking organizations to let these devices connect to their network and to figure out, non-intrusively, how many devices are on the network at any point in time, who they belong to, which applications are active, how many of those applications pose a higher threat level to the organization, and how much bandwidth the devices use. These analytics throw a lot of light on the usage patterns of the devices and show which tools and methods to deploy, first to make sure bandwidth is not hogged and second, and most importantly, to secure the network and the data. Deep packet-level analytics, with the ability to drill down to the individual packet, allows us to see exactly what is happening. This clear and complete view allows organizations to take fast and accurate action to correct the situation. All the analytics, the usage patterns, and the type and kind of applications used are right there in front of them. Network security is critical, but security without visibility is like patching the wrong leaks: a disaster waiting to happen.

Visibility and Analytics will give IT clear and immediate answers to the most critical and paramount questions:
  • What devices are running in the network?
  • Who do these devices belong to?
  • What kind of applications are running actively?
  • Which of them are security threats?
  • Do we see any issues in the network?
  • Whose device is causing the issue?
  • What areas of the network are impacted?
  • When did this issue start or if it has happened, when did this happen?
  • Where does the problem exist?
  • Why did it occur?

If all the packet information for the traffic is recorded, and if one can provide real-time and retrospective analysis of every event, including the ones that were security issues, one can do a complete forensic analysis of how a security issue happened, why it happened and which security hole made it possible. Once such a forensic analysis is done, one can come up with a powerful insight and an intelligent solution that provides a fast and reliable resolution.
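As an added illustration (not code from the original post or from any vendor), the sketch below answers several of the questions above by joining three passively collected sources: DHCP leases, an authentication log and flow records. All data, field layouts and the high-risk application list are constructed assumptions.

```python
from collections import defaultdict

# All data below is constructed for illustration (assumed formats).
MANAGED_MACS = {"00:11:22:33:44:55"}            # corporate asset inventory
DHCP_LEASES = [                                  # (mac, ip, hostname)
    ("00:11:22:33:44:55", "10.0.0.10", "corp-laptop-17"),
    ("a4:5e:60:aa:bb:01", "10.0.0.51", "Alices-iPad"),
    ("f0:d1:a9:cc:dd:02", "10.0.0.52", "android-7f3a"),
]
AUTH_LOG = {"10.0.0.10": "bob", "10.0.0.51": "alice"}   # ip -> authenticated user
FLOWS = [                                        # (epoch_s, src_ip, app, bytes)
    (1000, "10.0.0.10", "https", 120_000),
    (1005, "10.0.0.51", "video-streaming", 900_000_000),
    (1010, "10.0.0.51", "cloud-storage", 40_000_000),
    (1020, "10.0.0.52", "p2p", 5_000_000),
    (1030, "10.0.0.52", "https", 300_000),
    (1040, "10.0.0.99", "https", 1_000),         # no lease: static or spoofed IP
]
HIGH_RISK_APPS = {"cloud-storage", "p2p"}        # assumed local policy

def build_inventory(leases, auth, flows, managed, risky):
    """Join leases, auth and flows into one record per device."""
    by_ip = {}
    for mac, ip, host in leases:
        by_ip[ip] = {"mac": mac, "hostname": host, "owner": auth.get(ip, "unknown"),
                     "byod": mac not in managed, "bytes": 0,
                     "apps": set(), "risky_since": None}
    unattributed = defaultdict(int)              # ip -> bytes with no known device
    for ts, ip, app, nbytes in sorted(flows):
        dev = by_ip.get(ip)
        if dev is None:
            unattributed[ip] += nbytes
            continue
        dev["bytes"] += nbytes
        dev["apps"].add(app)
        if app in risky and dev["risky_since"] is None:
            dev["risky_since"] = ts              # when the issue started
    return {d["mac"]: d for d in by_ip.values()}, dict(unattributed)

def byod_report(devices):
    """Unmanaged devices, heaviest bandwidth users first."""
    return sorted((d for d in devices.values() if d["byod"]),
                  key=lambda d: d["bytes"], reverse=True)

if __name__ == "__main__":
    devices, unknown = build_inventory(DHCP_LEASES, AUTH_LOG, FLOWS,
                                       MANAGED_MACS, HIGH_RISK_APPS)
    for d in byod_report(devices):
        print(d["hostname"], d["owner"], d["bytes"], sorted(d["apps"]), d["risky_since"])
    print("unattributed:", unknown)
```

Traffic from an address with no lease is kept in a separate bucket rather than dropped, since a device that cannot be tied to an owner is itself a visibility finding.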

There's a strong perception that BYOD is a battle that organizations will ultimately lose and should be happy to concede. The line between home and work is getting more and more blurred, and tough policies on the usage of employee-owned devices on the corporate network will be counterproductive. Moreover, organizations that enforce hard policies and intrusive clients (MDM clients) will find themselves struggling to implement them, and employees will easily find ways to bypass all of this and connect to the corporate network anyway (one Google search on how to do it yields 100s of methods :)). In today's world, organizations with such hard-core policies will also struggle to attract talent. Of course, organization and employees can also find a middle ground and meet halfway, but make sure all your actions are based on analytics and that you have the visibility to take them.

Manjunath M Gowda, CEO, i7 Networks
The author is the CEO of i7 Networks, which provides a network traffic analytics engine called EagelEye that sits on the periphery and provides complete real-time and retro network traffic analytics.
