BYOD Options: The More, the Messier

BYODOrganizations are finding increasing value in allowing a wider array of devices to be used for company business. From improved worker satisfaction and productivity to reduced communications equipment costs, this simple perk makes a surprising difference. Before implementing a flexible bring your own device (BYOD) program, a number of key factors must be considered to protect company interests.

Security Provisions

One of the most concerning issues for organizations considering a BYOD program is the perceived lack of control over the device, especially as it relates to security. Any equipment capable of accessing company networks or data represents a point of risk of exposure. An important part of a successful device strategy is to dictate certain requirements for all devices involved.

For example, the policy may call for active anti-virus applications on any devices that will be used. Access to sensitive data may be configured so that a VPN tunnel must be used rather than straight access from a suspicious hotspot or public Wi-Fi. A PIN or password on the device could be another requirement. These types of tactics allow any device to be used with less risk of data loss or compromise.

Employee Training

In some cases, data breaches result from a lack of employee training. Without being educated on why public hotspots could be dangerous, a worker may not think twice about connecting to their work email from the coffee shop’s Wi-Fi. Teaching staff about phishing, rogue applications designed to collect payment and authorization information, and ways to physically protect devices from being lost or stolen increases their awareness. Giving them the tools to help protect the company and themselves minimizes the chance of a security incident from a BYOD connection.

Manageability

Another troublesome “control” issue within BYOD programs is how to terminate access if an employee leaves. Removing company data, applications, and connectivity may seem impossible. However, with today’s mobile device management tools this task becomes painless and efficient. Devices that are lost or stolen can be deactivated or wiped, access can be deleted, and sensitive information tightly secured.

Application Selection

Last but not least, choosing the right applications for use across the company is a necessary part of the BYOD conversation. For example, applications that are strictly on-premise or legacy are going to be out of reach for most, if not all, mobile devices. Ensure that cloud applications are secure and compatible with other company systems before choosing to implement them.

BYOD programs take significant burden off of IT personnel who would ordinarily be inundated with acquiring, provisioning, supporting, configuring, and deactivating devices. Workers get more done with hardware they’re most familiar with and enjoy the freedom to use their preferred devices. Flexible BYOD strategies can be quite effective with an appropriate measure of preparedness. For more information on creating effective mobile policies, contact ROI Networkstoday.

What’s Next for Enterprise WAN

WANConsidering the increasing complexity in the realm of enterprise connectivity, WAN was a welcome solution when originally conceived. Multiple facilities across the globe were finally able to be linked together. While there was an appreciation from IT leaders for progress in networking, this fix has not been without its faults over the years and there has been a demand for refinement and additional technologies.

Familiar Issues

A number of common weaknesses are often observed in enterprises working with WAN. In addition to the extensive cost involved in managing such far-reaching networks, they may also have a tendency to be slow, suffer downtime, and lack the stability and flexibility desired by most organizations.

Questionable Alternatives

While some alternative connectivity and networking methods perform more effectively, certain factors eliminate them from consideration as an option. Multi-Protocol Label Switching (MPLS) networks, for instance, can speed up the WAN through better routing, but the price tag is substantial enough to cause tech leaders to underbuy bandwidth to conserve spending — effectively nullifying any advantage that could be gained.

Another solution is to create a VPN tunnel over common broadband connections. While this improves security and keeps costs lower, any application that could be compromised by lag may experience very spotty performance. In some cases, VPN is used jointly with a limited MPLS arrangement. Since the two cannot operate concurrently, not much usefulness is found in this solution either.

High Potential Possibilities

While other WAN management techniques have been tried and discarded, one that is quickly gaining the interest of technical leaders is Software-Defined WAN (SD-WAN). Using SD-WAN, network managers can centrally provision, terminate, optimize, and flex all of the components on the system. Data follows the most efficient route and latency is nearly eliminated. It’s made orchestrating hundreds of access points and switches much simpler, saving IT hours of expensive labor. SD-WAN also leads to cost savings, as it can use cheaper connections like broadband much more efficiently than standard WAN.

Another distinct advantage of SD-WAN is that providers can often bear the burden of management for the company. In this model, the vendor handles everything from maintenance to troubleshooting to updating. This saves the organization labor costs and ensures that the right personnel are working on the right projects rather than being caught up in mundane or non-strategic tasks.

In this world of increasing cloud service options, an SD-WAN infrastructure makes integrating new cloud providers a much more rapid activity, even when multiple company locations are involved.

It’s critical for the future of an enterprise that the network grow and develop into a more manageable tool that easily accommodates growth and flexibility requirements. SD-WAN is one option with great potential to offer in this regard. For more information on WAN evolution and managed SD-WAN technologies, contact ROI Networks today.

Best Practices for Enterprise Security in the IoT Age

194040659As the ever-connected world continues to explore the Internet of Things (IoT), the enterprise must consider how to rethink and adjust its security approach to accommodate a new technological age. This does not require a complete restructuring of the security architecture, but only a repurposing of some existing technology and roles.

Here are several best practices to help the enterprise securely embrace the IoT.

Leverage Existing Network Security

IT professionals can use their existing infrastructure to help enforce network security. Best practices for IT professionals include strategies that may already be in place:

  • Employ private, segmented networks with designated IP ranges.
    • Private network usage has the added benefit of cost savings when compared to public IP ranges.
  • Continue securing connections with virtual private network (VPN) technologies such as IPsec.

Revamp the Governance Structure

The IoT brings new security challenges, and the enterprise needs to re-evaluate how information security personnel fit into this updated picture. Businesses should ask the following questions to help ensure complete protection for their resources:

  • To whom should the head Information Security Officer report?
  • Should new or previously uninvolved personnel participate in information security initiatives?
  • What new types of devices does the organization need to secure?

Monitor Critical Infrastructure

Most pieces of infrastructure today are connected and online, a different situation from years ago when these resources were offline. With this in mind, businesses must ensure that critical infrastructure (as it relates to IoT) is secured. IT professionals should keep the following ideas in mind when considering their enterprise security posture:

  • Infrastructure attacks may be more frequent, but there is an array of intelligence available that can help prepare for attacks and mitigate impact.
  • An investment in real-time attack intelligence software is both necessary and worthwhile.
  • Visibility and awareness are powerful tools against attacks.

Do Not Forget the Past

IT stakeholders should not underestimate the value of lessons learned from past experiences, including past threats or attacks. The enterprise can adopt the most secure posture in the IoT by consciously learning from every incident:

  • Acknowledge that past attacks may occur again and prepare for them.
  • Embrace new and updated technologies that are equipped to handle potential attacks.
  • Establish strong plans to effectively combat and manage response to attacks.

The enterprise can be well-prepared to embrace the Internet of Things from a security perspective, and in many ways, it already is prepared. By maximizing the impact of existing tools, evaluating the security reporting structure, monitoring important assets, and learning from previous experiences, companies can fully and securely experience these exciting new technologies.

Cloud Security: Not a One-Stop Shop

1Just about every tech commercial these days references “The Cloud” as the be-all, end-all solution to the world’s woes. Cloud is certainly powerful, flexible, reliable, and versatile, but it can also carry serious security risks. Security is the number one factor deterring companies from using a cloud system. However, sharing the security burden with the cloud provider reduces risk and allows a company to safely take advantage of cloud technology.

Insecure Situation

When using cloud infrastructure, the control of data may be lost or compromised to a degree. A third party possessing control over security, configuration, access, and more may provide cause for hesitation. Lack of security options in vendor cloud offerings could be of additional concern. These concerns are valid no matter what type of cloud setup is purchased or where data is housed. While cloud providers may build in some security protocols, the best defense is a multi-pronged approach to security taken by the company as it is implementing the cloud architecture.

Tailoring Security

Using multiple layers of security is the best tactic for cloud protection. These layers should include protection at the hardware level, virtual environment, and surrounding the application itself. At the bottom of the pyramid are basic tools like firewalls, provider isolation, and simple protection. Strong firewall rules are imperative for cloud systems. These foundational items are largely controlled by the cloud provider, though the user may have some input.

Using complex levels of protection such as virtual networking encryption, network firewalls, and port filters should be considered. While some of these tools exist on the provider’s side of the equation, many of them are controlled by the business.

Last, but not least, is the encryption on the disk partitions that surround the company’s environment, which falls in the lap of the implementing company. An overlay networking arrangement is of great use in the security equation when combined with site-to-site Internet Protocol security (IPsec) through virtual private network (VPN) tunnels. This setup protects from attacks on both provider and user sides and gives adequate control back to the business.

Security Is Everyone’s Problem

With the cloud provider and the business’s IT team both focused on security, a stronger solution is created. In addition, this tandem approach relieves the business of management overhead. More time and effort can be spent on handling the security of core applications rather than dealing with storage and server configuration and acquisition. The result is enhanced security from the inside out.

Cloud security must be a partnership between a company and its selected cloud provider. By isolating connections and locking down security through the cloud provider and the business, cloud security is improved. Building hybrid and multi-layer solutions into the cloud system allows cloud’s powerful technology to be used safely and effectively, facilitating business growth in a secure environment.