There is no silver bullet for the ‘Bring Your Own Device’ concept, but when you embrace BYOD, employees can be more productive and your company can reduce capital expenses. Safely allowing devices to connect to your network is about policy and layers of technology, many of which you probably already have in place today if you allow employees to connect to your network via VPN from their home PCs. Allowing devices onto the network without those considerations can be reckless for both your company and its employees.
I’ll discuss a number of aspects to consider for BYOD in a series of posts. This post focuses on a high-level example of technology that can help securely permit employee devices to access corporate resources.
Combining next-generation wireless solutions with next-generation firewalls provides security for guest and employee-owned mobile devices on enterprise networks. You can securely enable Bring Your Own Device and Guest Access while maintaining compliance. These technologies can share user, device and application information to monitor and enforce application usage policies on smartphones, tablets and laptops, regardless of whether the device is connected via Wi-Fi, a wired network, a cellular provider, or a VPN connection.
Traditional firewall policies are based on IP address, but an IP address allocated to a corporate or guest user says nothing about who that user is, so user and group associations are not reflected in those policies. Imagine your firewall is seamlessly integrated with enterprise directories to identify users of the corporate network. Now imagine your BYOD management solution extended that same technology to guest users and employee-owned mobile devices.
Security policies on the next-generation firewall can be defined based on the user and/or group membership. This cohesive system provides complete visibility and control over the applications and resources available to all network users. The combined solution provides safe enablement of resources in situations such as:
- Securing users and devices on guest Wi-Fi networks
- Allowing access to applications while protecting from potentially dangerous content
- Full visibility (traffic by user and application) and control of network resources
- Integrated wired and wireless policy compliance and enforcement
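To make the difference between IP-based and user/group-based policy concrete, here is an added example (not from any vendor product or from the original post) that evaluates the same traffic under both models. The address, user names, groups, application names and session times are constructed, and it assumes the wireless side reports which user holds an address at a given time.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Session:
    ip: str
    user: str
    start: int  # seconds, inclusive
    end: int    # seconds, exclusive

# Constructed sample data: one address handed to two different people in turn.
SESSIONS = [
    Session("10.20.0.57", "alice", 0, 100),          # employee-owned tablet
    Session("10.20.0.57", "visitor-17", 100, 200),   # guest Wi-Fi user, address reused
]
GROUPS = {"alice": {"employees", "finance"}, "visitor-17": {"guests"}}

# Traditional rule: written while alice held the address.
IP_RULES = {("10.20.0.57", "finance-app")}

# Identity rules: (group, application, action); first match wins, default deny.
ID_RULES = [
    ("finance", "finance-app", "allow"),
    ("employees", "web-browsing", "allow"),
    ("guests", "web-browsing", "allow"),
]

def ip_decision(ip, app):
    return "allow" if (ip, app) in IP_RULES else "deny"

def resolve_user(ip, ts):
    """Return the user holding this address at time ts, or None if unknown."""
    for s in SESSIONS:
        if s.ip == ip and s.start <= ts < s.end:
            return s.user
    return None

def id_decision(ip, ts, app):
    user = resolve_user(ip, ts)
    if user is None:
        return "deny"  # no identity for this address: fail closed
    groups = GROUPS.get(user, set())
    for group, rule_app, action in ID_RULES:
        if group in groups and rule_app == app:
            return action
    return "deny"

def compare(ip, ts, app):
    return {"user": resolve_user(ip, ts),
            "ip_rule": ip_decision(ip, app),
            "id_rule": id_decision(ip, ts, app)}
```

Calling `compare("10.20.0.57", 150, "finance-app")` shows the guest inheriting the employee's access under the IP rule while the identity rule denies it.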
Stay tuned for more posts on this topic.