6 Security Features your Wireless Network Solution needs for BYOD
Wireless networks are quickly becoming BYOD (bring your own device) networks. If you’re still on the fence on whether it’ll catch on, look at what devices you and your friends are carrying. I don’t know any of my friends or associates who don’t have a smart phone and/or tablet. But yes, we’re all gadget geeks. So let’s look what the industry experts are saying.
Analysts are predicting that by 2016:
- 4 out of every 5 people in the US will have smart phones
- 2 out of every 5 people in the US will have a Tablet
- 60% of smartphones and 70% of tablets in the enterprise will be employee owned
I happen to disagree with the analysts, not in the numbers themselves, but I don’t think it will take until 2016 for that transformation to happen. Keep in mind that the iPad came out in April 2010, in two years it’s completely changed how we look at corporate wireless networks. The adoption of android phones has been even more rapid, and now android tablets are hitting the streets as well.
But regardless of how fast they propagate the workplace, IT Managers and CIO’s have some decisions to make on how to provide the proper level of network access and more importantly security. This is the first time I can remember in IT that technology leaders will be responsible for securing corporate data and managing access for essentially devices that they don’t own.
You’re system will need to provide the following features for a complete Secure Wireless Solution built for BYOD support:
1) Protect the network - seems logical right? But what I mean specifically is that the system has to have the ability to segment the BYOD users to only access what you want them to. In the old days, you would build a separate system all together. But today, you can have one wireless system that creates firewalled separation for BYOD users from sensitive resources.
2) Identify the User - you’ve got to be able to integrate with directory services to know who is trying to connect. You have to be able to apply access control based upon the user’s identity.
3) Device-level visibility - not only do you want to know identity, but you want to know what type of device is connecting. For example: (Identity = Employee) + (Device = Not corporate issued), then the system returns the BYOD user role which allows limited internet access and no internal servers.
4) Restrict usage and bandwidth - BYOD is great right? Till your users start streaming Netflix into the men’s bathroom and bring the corporate network to a crawl (true story). With BYOD, you’ll want to prioritize corporate applications and rate limit usage to non-productive stuff. You may even want to adjust your security by time of day as well. Be generous: after business hours users can watch Netflix in the bathroom all night long. They deserve it.
5) Configure network settings - How would you like to configure Susie’s iPad? How about adding hundreds of devices with all of the user’s personal crap, I mean stuff to help desk support?…that’s right, it’s not scalable. Your system has to be able to automate the registration process and configure the user’s network settings without laying hands on every device.
6) Provision and revoke device credentials - if we’ve allowed users to register their devices to the corporate network, we need to be able to revoke that access as well. The system needs to be able to do things like provide access for contractors but have those credentials expire when their engagement is completed.
Building a system to support BYOD access does require specific wireless and security expertise. At SecurEdge, we’ve designed, deployed, and currently support hundreds of BYOD wireless networks around the country. If you need some help talking through your requirements, we can help you. Feel free to Contact Us, we also have some resources available on our site that we hope are useful to you.
Philip is the founder and CEO of SecurEdge Networks. He’s the consummate strategist and frequently writes for the strategy blog. You can follow him at @philipwegner