Just when you think you’ve got your BYOD device management policies nailed down, the game shifts again. Recently, the term BYOX (or BYOA: bring-your-own-anything) has forged itself into IT vernacular to characterize the phenomenon by which employees not only use any device, but also any application, content, or service to accomplish their work. When these activities occur beyond the oversight, or explicit authorization, of the IT department, they are commonly referred to as “shadow IT.”
Shadow IT has been around for quite some time, but BYOX adoption is exploding fast and permeating organizations to the point of no return. In fact, PricewaterCoopers (PwC) estimates 15% – 30% of IT spending now occurs outside the IT department budget. Today’s workforce is imbued with the mindset that, for any task–“there is an app for that.” Illustrating this, Netflix recently found that its employees were using 496 smartphone apps, generally for data storage, communications, and collaboration; while Cisco Systems found that its employees were leveraging hundreds of apps, as well as services for shopping and personal scheduling.
It’s been argued that BYOD can increase employee productivity, and an iPass survey of 1,100 mobile workers suggested that employees who use mobile devices for both work and personal needs put in 240 more hours per year than those who do not. BYOD and BYOX can also result in higher employee satisfaction and greater worker collaboration. All these benefits aside, there still needs to be tools and processes in place for network security management and data security… and there are.
Embrace the benefits of BYOD and BYOX and consider these FIVE network security management protocols:
- Establish full network visibility – Take a benchmark snapshot via firewall logs and reports for insight into what devices are actually connected to the network and what applications are being used. Continuously monitor for vulnerabilities, exploit attempts, misuse, and devices that have gone off-line.
- Application Access Control is an essential technology – Application Access Control plays a pivotal role in making a BYOX policy secure and efficient. Get visibility and control over shadow IT apps running across your network by identifying specific applications and functions that are acceptable, as well as others that are not. With application access control in place, the network becomes agnostic to the device, and can enforce policies based on specific, acceptable applications.
- Apply policy to a segmented network – Sensitive data should always reside on a different network than that which is open to guests, contractors, or other non-employees. With a segmented network, IT can apply one set of policies for employees and another set for guests.
- Enforce strong access control passcodes – Far too often, businesses resort to user-generated passwords, which are more susceptible to compromise. Password policies for BYOD devices should be as robust as they are for traditional IT assets, such as laptops or desktop computers.
- Establish a policy – We harp a lot about setting IT policy, but that’s because while simple in nature it’s often missing or lax. IT should focus on policy to “keep BYOD/BYOX simple.” Consider making a broad list (a meta-table) of acceptable devices that can access the corporate network and state which devices/operating systems that IT will and will not support. With device sprawl becoming a more palpable concern for IT departments, it makes sense to centrally manage policy per user, rather than having a separate policy per device each user may use. A device-agnostic policy approach makes the platform less important than the needs of the user—and makes network security management easier for IT. When employees access the corporate network on their own device, they should agree to adherence of company acceptable use policies, as well as IT monitoring and risk management tools. Make sure you have tools in place to measure compliance. Finally, your BYOD/BYOX policy should be regularly communicated to all employees.
BYOD, BYOX, shadow IT… these aren’t going away, and will likely only continue to proliferate your organization as more apps, devices, and cloud tools become available. These five network security management protocols can help get you started. For more information and five more tips, download the whitepaper – Illuminate Shadow IT and Securely Manage BYOX.