Like many aspects of security, Arbor Networks has seen the issue of BYOD exist for many years.
ANZ country manager, Nick Race, said it is a challenge that persists much in the same way distributed denial-of-service (DDoS) attacks do.
“They have been around for nearly 20 years, but have evolved and continue to be a top of mind concern for enterprises,” he said.
“BYOD is similar in that regard and remains a considerable challenge for the enterprise.”
Smartphones have caused headaches for businesses in recent years, though Race said the landscape has evolved to include tablets, and to a lesser extent, online enabled smart TVs.
“Any device that can access the corporate network has the potential to become an opening for an attacker,” he said.
A need for control
In today’s connected workplace, Race said it is essential to understand who is accessing what within the corporate network.
When considering allowing employee owned devices, the first step is to have a clear policy on what is and what is not allowed, as well as the expectations of the business in terms of security.
“This needs to be communicated to employees, along with an indication of the penalties for violation,” Race said.
A method of isolating BYOD devices from high-value systems is also recommended, but in a way they can be “used for day-to-day activities” while requiring additional permissions to use specific resources.
Race is also a strong proponent of pervasive visibility of what devices are doing what on the network.
“We need to be able to detect suspicious or malicious behaviors wherever they occur, detect unusual data transfers inside the organisation and get forensic information so that we can investigate any potential compromise quickly and easily,” he said.
Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications. Follow Patrick on Twitter at @patrick_budmar.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.