Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Is Your Network Ready for BYOD?


Published on

Simply preventing personal devices from accessing your network might not be the best option for your business. A well thought out BYOD policy and the proper wireless security strategy can empower your employees, save costs, and increase productivity while maintaining security and control.

This presentation covers:
• The security implications of BYOD
• Steps to prepare your network for BYOD
• Strategies for managing remote users, branch offices and wireless access

Find out more about BYOD here:

Published in: Technology
  • Be the first to comment

Is Your Network Ready for BYOD?

  1. 1. Is Your Network Ready For BYOD?Bill Prout, Sophos
  2. 2. Join us on Twitter Live tweeting from @Sophos_News Send us your thoughts #SophosLive
  3. 3. Agenda Q&A What is BYOD? Strategies BYOD Agenda Benefits Concerns & BYOD Implications Preparation
  4. 4. What is BYOD?Sometimes known as BYOP, BYOT, or the “Consumerization of Technology” • One of those terms that means different things to different people (Like ‘Cloud’) • Most agree it means allowing personal devices to access business networks • Big topic that covers more than just mobile phones, may also include Guest wireless access • Also used to describe programs where equipment is provided (1 – 1 initiatives in schools)
  5. 5. Why is BYOD a hot topic?Powerful Access Mixed User indevices everywhere ownership charge
  6. 6. Why consider BYOD ?What benefits does a BYOD program bring? • BYOD should hopefully reduce IT costs • BYOD can lead to greater employee satisfaction • Satisfaction can lead to greater productivity • Many users expect to be able to use their own devices, may see IT as a business obstacle • Not allowing may result in employees doing it anyway
  7. 7. What are the concerns? BYOD risks include: • Data Leakage • Increased chance of malware • Regulatory violations • Legal Issues • BYOD devices may also place a greater load on your network and wireless devices • Balancing user expectations with security requirements
  8. 8. What are the Security Implications ofBYOD? • Personal device use may conflict with company security policies • Allowing ‘any’ device to participate may reduce security • Personal devices with company data blurs lines of responsibility
  9. 9. Steps to prepare for BYODAs with any IT Initiative, we start with a plan • Form a committee of stakeholders • Identify the risk elements that BYOD introduces • Decide on policies and acceptable use • Build the plan • Evaluate Network and identify any missing components • Implement solutions • Periodically reassess solutions
  10. 10. Form a committee of stakeholdersGather input from different groups • Business • IT • Security • Legal • HR
  11. 11. Identify Risk ElementsStakeholders can help you understand where risks are Measure how the risk can impact your business • How much damage would be incurred by lost or stolen data? Map risk elements to regulations where applicable • Are you subject to compliance rules? • What rules do they have regarding mobile devices?
  12. 12. Define Policies and Acceptable useThis may be a good time to look at Endpoint and VPN policies and programs Mobile devices • Which types are allowed? What applications are acceptable? Tablets • Which types are allowed? What applications are acceptable? Portable computers • Is an Endpoint agent used to scan for AV and enforce policies?
  13. 13. Build the plan • Remote device management • Application Control • Policy compliance and audit reports • Data and device encryption • Cloud storage security • Wiping of devices • Revoking/changing access if employee status changes • Guest options
  14. 14. Mobile Device ManagementChoose an MDM solution • Primary purpose is to protect corporate data • MDM solutions can be on premise or provided as SAAS • Should have basic features such as: • Remote lock/wipe • Turn on native security features • Compliance checking to ensure device isn’t ‘Jailbroken’ • Should support existing mobile platforms and be upgradeable for future products
  15. 15. BYOD Infrastructure ConsiderationsThe Network • Are new users/devices being added onto your network? • How many? Twice as many? 3 times? • Can you easily segregate Guest user traffic from the LAN? • How much extra work is this going to be for IT staff? • How do I expand this out to remote offices?
  16. 16. Review Network and Identify Missingpieces• Network Security Solutions to see if they can be used with BYOD traffic (E.g. Web policies, Application Control)• Bandwidth throttling capabilities• Time based policy options• Reporting Capabilities• If MDM is on premise, how do I securely setup access?
  17. 17. Review Wireless CapabilitiesYour Wireless solution and its capabilities • Can equipment support multiple SSID’s (wireless zones)? • Does equipment support 802.11n? • What levels of encryption does it offer? • How easy it is to add capacity? • What are the Guest capabilities?
  18. 18. Evaluate Encryption ToolsNeed to think about where the data is now that its mobile • Need to protect data in transit, and at rest • Need to consider that data may be used in the ‘Cloud’
  19. 19. Implement Solutions • Begin with pilot group from each department • Educate Users on BYOD risks and rewards • Gather feedback from pilot group I • Expand to all users my iPad
  20. 20. Periodically reassess • Especially important due to rapid changes in mobile market and technology • Keep an eye on compliance changes • Include vendors and trusted advisors to get info • Look at existing vendor roadmaps • Look at new cost saving options such as group plans • Invest in user awareness
  21. 21. Strategies for BYOD Success • Setup a ‘Guest’ Wireless LAN for BYOD devices • Define a list of supported BYOD devices as part of your BYOD plan, and be prepared to modify as needed • Use an MDM solution to support BYOD devices and provide a security baseline • Use encryption to protect data allowed on mobile devices • Define what ‘app’s are acceptable and which are not
  22. 22. Strategies for BYOD Success• Consider using tools like Citrix or HTML5 portals to prevent data from being transferred to mobile devices• Understand how compliance may affect your BYOD program• Educate users about BYOD issues and concerns
  23. 23. What do we need to support BYOD?At a minimum • A robust network that can handle increased traffic • Ability to identify and control ‘Mobile’ user traffic when on network • An MDM solution to manage devices • Encryption to protect data
  24. 24. Sophos UTM Integrated securityOnce connected to the UTM easily integrates with other security features Strong Encryption Sophos UTM Integrated UTM Security24
  25. 25. Complete security Endpoint Web Email Data Mobile NetworkReduce attack surface Protect everywhere Stop attacks and breaches Keep people working URL Filtering Web Application Endpoint Web Encryption Data Control Access control Automation WiFi security Firewall Protection for cloud Anti-spam Patch Manager Mobile Control Virtualization Anti-malware User education Visibility Local self-help Application Mobile app Clean up Technical Device Control Secure branch Intrusion Firewall Control security support offices prevention Encryption Live Protection Email encryption
  26. 26. Staying ahead of the curveStaying ahead of the curve US and Canada 1-866-866-2802 Sophos on Google+ UK and Worldwide + 44 1235 55 9933 26