Nov 26 2014

Balancing BYOD

It’s becoming one of the buzz words, if it hasn’t already. BYOD, or Bring Your Own Device, is something that many companies are dealing with more and more.

In some instances, it’s a question of whether or not you will permit an employees own device to have access on your network. In others, the company either requires you or allows you to BYOD rather than providing a corporate cell phone.

So what can it all mean for you?

As someone who has built and managed networks, I can tell you the devices I most fear on a corporate network are those I don’t own and control. BYOD falls into this category. For one thing, a corporate asset, whether a phone, tablet or laptop, is subject to corporate policies which will include anti-virus and regular software patching. Enterprise servers handling those types of things ensure that the defenses are kept up to date, and domain policies ensure that an at-risk computer, one whose definitions are out-of-date, cannot get onto the corporate network. But a BYOD device? I cannot say how well the device is patched, or if the owner cares enough to use anti-virus software. They could be bringing in a pristine system, or they could be connecting one that is so infected it could be catastrophic.

The one common issue I see, is that if you don’t allow some means of BYOD network access, users begin to bring in MyFis, or turn on their cellular hot spots. And this creates another issue, interfering with corporate wireless. It’s not a good option, and for me it’s one I work to avoid. So what’s the trick?

I’ve found that offering an acceptable level of wireless connectivity is best. You can set it up so that your wired network ports will only allow an authorized machine, meaning no one could plug in a non-corporate device. And you can take steps to segregate the BYOD wireless segment from the rest of your network, so that should there be an infected machine on it, it will not have devastating consequences for your entire operation. Plus, if you chose to do so, you would have the ability to cap the bandwidth for the BYOD network-make it enough that it works, but make sure it’s not so much to be too much fun to use.

Short of confiscating employee personal devices at the door-which I’ve heard about-or otherwise having an HR policy restricting or forbidding BYOD, it’s a problem you won’t avoid. It’s just an issue you need to properly manage in order to mitigate any potential risks.