BYOD – The Big Questions

Like us you’ve probably been asking questions and more questions about BYOD. To quote Stephen Fry ‘No sin in that. We grow wise by asking questions. The right questions.’ So, here our Technical Director, Toby Makepeace grapples with BYOD and answers some of the biggies.

This post contains original thoughts posted by Toby Makepeace, Technical Director, Network (Utilities) Systems Ltd. These views are his own.

BYOD – a threat or an opportunity?

We are all well aware of today’s business challenges brought by the proliferation of mobile devices, new styles of remote working and the associated challenges faced by IT managers in meeting the increased demands for network access from both staff and guests. Those challenges aside, this question is easy for me to answer – opportunity! In my view BYOD brings a massive opportunity to your business. Quite simply the possibility of the increase in productive man hours can only be viewed as a benefit to the business. So, next questions please!

Are businesses prepared? What’s the risk to the business? Are there cost savings to be made? What is the impact on the IT department?

To answer these let’s first cast our minds back to when BlackBerry’s were first being deployed. At the time many felt they were an unnecessary cost and a risk to the business, and would not increase productivity, yet nowadays you’d be hard pushed to find a member of staff who doesn’t feel their BlackBerry or mobile device is a critical part of their everyday business toolkit.

However, I also believe the risk factor still exists and in some cases has not been addressed for these corporate devices. As people move away from BlackBerry to other mobile email systems, a BYOD strategy might help tackle these risk factors by reviewing the corporate policy on mobile devices and re-addressing some of the failings around theft or lost devices and help you move towards a solid Mobile Device Management policy.

With mobile email being the killer application upon which we all rely, let’s take a look at each of these questions in a little more detail:

Are businesses prepared?

Unfortunately the answer here is generally no, but we were not prepared for mobile email either. At that time we needed to invest in the solution that worked for our businesses, so now we need to invest in a BYOD solution that works for our businesses too. It might be just one product that we need, but more likely a suite of products to build a robust BYOD solution.

What’s the risk to the business?

The answer here really comes down to how far you want to take BYOD, and the level of investment required to protect your business.  The solution that you take on board should not be any different to a solution you should look to deploy to secure a corporately owned asset like a laptop. Consider if you can increase the level of protection you offer your business by using BYOD as a strategy to implement a solution to secure both BYOD and your corporate assets.

A full Network-Access-Control solution like “Juniper Networks UAC solution” can offer benefits to your business by minimising the risks from both BYOD and corporate devices. This solution can manage devices that are allowed to join the network and control the level of access that they gain based on the identity of the user and the state/health of the device the users are trying to connect with. This way you are able to increase your network security. Now you just need to develop a robust policy around which applications and systems on the network any personally owned devices are able to access.

Are there cost savings to be made?

You are going to need to, and you’d be wise to, invest in a solution to manage and protect your network. However, that aside protecting your network is essential regardless of BYOD. Your organisation could save money on the number of corporate assets like mobile phones and laptops you need to manage and deploy if you fully embrace BYOD.  But to my mind the question is not so much about cost savings, but increased productivity.

So, back to our BlackBerry example, I imagine a high percentage of your staff read an email at lunchtime or on their journey home and in most cases will respond and deal with it in their own time. If we removed our corporate mobile email solution and offered a BYOD email solution based on the Juniper Networks’ PULSE Mobile Security Suite and Juniper’s SSL VPN could we save money? I think the answer is yes, and consider this, you might also increase productivity even further as a number of staff will have two devices, one personnel and one business. Which one gets left at home at the weekend or in the evening? Unless you are as sad as me, it is not your business one!

What is the impact on the IT department?

Without a shadow of doubt there will be an impact on the IT department as any solution needs to be deployed and managed. However, an effective integrated solution, based on Juniper’s products like the IC, SA and Junos Pulse make that experience a lot easier to manage. The threat to the network can be effectively managed by a strong policy dynamically enforced by the combination of these solutions, and where a greater level of threat prevention is required the Juniper SRX with IDP unit can be integrated with the whole solution, providing a granular policy control enforcer based on User ID and health of the asset accessing the network.

Conclusion

In my opinion the debate on BYOD should not be examined in isolation, but as an overall enhancement to your whole network security policy. Yes, there will be a cost for set up and deployment, however increased network protection, and minimising down time from virus and malware risks need to be taken into account irrelevant of BYOD. The increase in productivity in staff, will only really been seen over time, but like mobile email, BYOD may also prove to be a true and productive benefit to your business.

And finally … don’t be surprised if you go to your IT department and find a form of BYOD already in use, iPads, smart phones or tablets may already be connected to your network, which belong to your senior executives or the IT team themselves. So, why not ask the IT team if they feel the use of these devices has help them improve their productivity? I bet you’ll be pleasantly surprised by the answer!

How CIO’s can fully harness the Enterprise mobility phenomenon

Guest Blog, from Gilles Trachsel, Product Marketing Manager, Juniper Networks

Two weeks ago I spoke at IP EXPO 2012 – London – where I presented on Enterprise mobility and the security challenges ahead. The following is a summary of the key facts I discussed; at a glance, you have to be able, as an IT manager or executive, to offer more granular control to the users accessing the network, based on who they are, where they are, what application they want to use and from what device, and all this in a controlled and secured way. It’s all about bringing control back to IT.

FACT: The nature of the LAN access will change from wired to wireless Ethernet over the next couple of years. This will be driven in large part by the massive influx of new and highly capable tablets and smart phones which do not have RJ-45 connections.

FACT: The time for enterprise mobility is now. According to IDC, by next year, more than 1.2 billion workers worldwide will be using mobile technology, accounting for 35% of the workforce!

FACT: We can observe a shift from PC based and corporate owned enterprise computing to any mix of devices that are corporate AND personally owned. This creates challenges around security and compliance. The same applies to the applications, where we can see a shift from corporate operated applications to chosen by the user applications. It is again a mix of both – the goal being to gain competitiveness and to bring more productivity.

FACT: The user’s end device is the weakest point in our security today and the attackers know it. The types of attacks are morphing. Today more than 80% of malware uses encryption, compression and file packing evading the traditional security technologies. Smart phones, tablets and cloud services are becoming popular targets for these attacks. Mobility forces enterprises to shift their security strategy away from a perimeter approach, making them realize that borders are now global and that their vulnerabilities are actually internal. Also mobile malwares are becoming pervasive. There are more mobile malwares than ever before, they have gotten smarter and application stores are fast becoming the prime delivery mechanism for infected applications. As a result, your “Bring Your Own Device” (BYOD) experience could very quickly become a “Bring Your Own Malware” (BYOM) very unpleasant experience

FACT : Mobility is much more than BYOD. Yes, BYOD is the most common and probably feared concern today, but you also have to address corporate own devices and guest access, and all three with a common and consistent approach. The problem here is that most vendors only speak to or can address only one of the three. Experience shows that point solutions fail to deliver comprehensive enterprise network access. So, today’s business environment requires coordinated access across all the identified major mobile user types.

BOTTOM LINE: If you consider the smart phones and tablets proliferation, the fact you have multiple devices per user, you have multiple applications per devices and multiple sessions per application, all this put the campus/branch network under increasing pressure, and there is a need to rethink the way you architect the network. You need a holistic approach to coordinated security for enterprise network access, regardless of who owns a given device. This allows organisations to translate a business policy based on the user’s role and identity and to apply it to the device of the user’s choice. Productivity is enhanced and security is maintained.

IT executives and managers must anticipate this mobile devices explosion and put in place all the necessary tools and components for letting these new devices access the network while at the same time protecting their critical resources and assets. Yes, in most cases, this will require a rethinking of the network architecture, which needs more security coordination, more performance, more scalability and more resiliency. But in the end, organisations will be able to trust, leverage and depend on mobility to create competitive advantage and higher end user productivity. In other words, IT doesn’t need just to be aligned with the business; it is becoming part of it!

Why networking is more than just “plumbing”. It can change your life.

We very much enjoyed Juniper Network’s latest blog post on ‘Why networking is more than just “plumbing”. It can change your life.‘ We have shared the highlights from this blog below which illustrate some very interesting stats from recent research Juniper Networks conducted with Forrester:

Visit the link here to view the full blog post.

Cloud Computing

  • 44% of businesses have seen increased use of cloud services – from software and infrastructure to business processes as-a-service offerings.
  • 58% say cloud computing had a significant impact on their network (which required hardware upgrade/refresh of network).

Big Data

  • 53% of respondents say the business is turning to IT to capture more data to make better business decisions.
  • More than half (52%) of businesses are grappling with data storage needs brought on by company growth.

Mobile Computing

  • In the last 18 months, 47% of businesses have seen increased demand from end users to bring their own devices to work.
  • When ranking IT initiatives for the next 12 months, 72% of IT business decision-makers put expanding use of mobile apps for employees, customers, and business partners at the top of their list.

To read the full report please visit Juniper Network’s website here.