Look for a Middle Ground in BYOD Security: Blue Coat GM and VP
IDG News Service - The sudden rise of mobile devices to support bandwidth-hungry applications is raiding corporate networks. As CIOs struggle to manage the storm of personal devices users carry within enterprise networks, they must take a harder look at safeguarding their IT. Shweta Rao spoke to Albert Kuo, GM and VP -- field operations for Asia Pacific at Blue Coat Systems, to find out more about the security challenges that BYOD has brought with its arrival.
Is BYOD really security's problem child today?
Different Web applications have different network usage patterns. Most of us monitor applications that enter our enterprise network to understanding bandwidth usage. But most of these are critical apps, compared to others like Facebook and YouTube. A lot of IT heads just add more bandwidth to manage the crunch. But, at Blue Coat, we have coined a term called 'selfish application' that explains today's situation better. A selfish application typically downloads a lot of data in frequent intervals and does it at a very high speed--putting the priorities of the rest of the network's needs at bay. Now, the issue today is that most applications are selfish, and the amount of data downloaded by a lot of people running the same apps on their personal devices is high. This is accentuated with the use of SaaS applications. So, yes, BYOD is a very big problem child and it might be a good time for CIOs to begin managing their WAN bandwidths.
How is Asia Pacific doing in terms of addressing BYOD's demands?
Indian employees too, like the rest of the world, look to the Web to fulfill the everyday demands of productivity. And, IT typically cannot monitor access or use of these applications. As I have told earlier, this will most certainly hog disproportionate amount of corporate bandwidth and slow down other critical applications. In India, BYOD and complex social networking apps majorly impact bandwidth budgets and delivery quality. Blue Coat is currently helping many Indian enterprises bring in visibility and control over the shadow IT infrastructures that are present within the corporate network. Our product PacketShaper highlights the shadow infrastructures which most CIOs are unaware of. Indian IT teams are slowly forgetting the days when only the big guys had mobile devices at work. Or even days when a "BlackBerry-only" policy was followed. And while these teams are coming to terms with the security issues, mobility is eating up their IT budget. New devices, data plans, apps, and software--they're all coming down at a go and it's very confusing. Although BYOD meant no investment in hardware devices, it didn't show up with major cost cuts. In fact, it brought along issues like supporting different devices on different platforms. That is when a robust, well-structured BYOD policy comes to the rescue. And I'm afraid it will take some more time for the enterprise BYOD policies to mature.
How then do CIOs begin to address BYOD's challenges?
One of the most important things to do is to begin early. I suggest CIOs begin involving their teams in discussions instead of waiting to plan out a complete BYOD strategy. Social media must be treated as a means to further an enterprise's business agenda and to help adopt more advanced technologies on a wider scale. But as users mix business and personal lives on mobile devices, the most common approach is to look for a middle ground in security--not too restrictive, not too open. A multi-tier approach that involves encryption, remote wiping and educating employees to report loss of personal devices is advisable. It's more cost-effective to efficiently protect data that's on personal devices than the devices themselves.
Could you tell us a detailed manner to approach BYOD in an enterprise?
CIOs, with their teams, must understand each device type that would connect with the network and the basics of various protocols that follow. A testing tool that captures and relays the difference in the way an application performs over different platforms is essential. BYOD will deviate from tightly controlled PCs and server infrastructure with common versions OS and applications. Hence, a granular level of monitoring the resources mobile devices can access is mandatory. A network access control can help filter if mobile devices have updated anti-virus and software versions. It's time enterprises own up and perform a security assessment, and find the risks before the attackers do.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts