FINAL WORD
THE BYOD CHALLENGES
DON’T APPLY JUST
TO INTERNAL USERS.
ANY VISITOR – GUEST,
CUSTOMER, PARTNER OR
OTHER EXTERNAL THIRD-
PARTY – WILL ARRIVE
WITH AT LEAST ONE
DEVICE THAT REQUIRES
NETWORK ACCESS –
WIRED OR WIRELESS
Security-conscious enterprises now require
enforcement policies that utilise real-
time contextual data to grant network
privileges. In parallel, policy management
platforms must support end-device
profiling that identifies device types and
respective attributes that connect to
networks. And real-time troubleshooting
tools are valuable as they solve
connectivity and other end-user issues
quickly. Enterprises have tried to achieve
many of those objectives with siloed
security products, but they are finding it
more useful to reduce complexity – the
number of management consoles – while
keeping the ability to use multiple
solutions, provided those solutions can
automatically share contextual
information between them.
What this means is that there
is room for third-party products like
mobile device management (MDM) and
enterprise mobility management (EMM),
firewalls and security information and
event management tools. But the primary
management platform must be used to
coordinate defenses so that everything
works as a coordinated solution.
Migrating to Policy
Management from Basic AAA
Since Active Directory or LDAP is still
used to administer security policies
for most internal users and devices, IT
departments aren’t able to perform
enforcement using real-time contextual
data. Context like user roles, device
types, ownership, location and app
usage is essential to enforcing
policies as users move through their day
and work with multiple devices. With
this model, laptops can be given more
rights than smartphones based on device
type, for example. Policy management
takes all those factors into account and
dynamically enforces which resources can
be accessed.
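An added example, not from the article or from any vendor product: a small first-match policy evaluator that contrasts an identity-only AAA decision with one that uses the context attributes listed above. The roles, resource names and rules are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Context:
    role: str         # from the directory (AD/LDAP)
    device_type: str  # from device profiling, e.g. "laptop", "smartphone"
    ownership: str    # from MDM/EMM data: "corporate", "byod" or "unknown"
    location: str     # "office" or "remote"

FULL = frozenset({"internet", "intranet", "printers", "finance-app"})

# Constructed rules, evaluated top to bottom; the first match wins.
RULES = [
    ({"role": "guest"}, {"internet"}),
    ({"role": "employee", "device_type": "laptop",
      "ownership": "corporate", "location": "office"}, FULL),
    ({"role": "employee", "device_type": "laptop",
      "ownership": "corporate"}, {"internet", "intranet"}),
    ({"role": "employee", "ownership": "byod"}, {"internet", "email"}),
]

def basic_aaa(ctx):
    """Identity-only decision: the directory role alone sets the rights."""
    return set(FULL) if ctx.role == "employee" else set()

def policy_decision(ctx):
    """Context-aware decision: every attribute in a rule must match."""
    for conditions, resources in RULES:
        if all(getattr(ctx, key) == value for key, value in conditions.items()):
            return set(resources)
    return set()  # default deny: unprofiled or unmatched devices get nothing

if __name__ == "__main__":
    samples = [  # constructed sample contexts
        Context("employee", "laptop", "corporate", "office"),
        Context("employee", "smartphone", "byod", "office"),
        Context("employee", "smartphone", "unknown", "office"),
        Context("guest", "smartphone", "byod", "office"),
    ]
    for ctx in samples:
        print(ctx)
        print("  basic AAA:", sorted(basic_aaa(ctx)))
        print("  policy   :", sorted(policy_decision(ctx)))
```

The same employee receives identical rights on every device under the identity-only check, while the context-aware check narrows access for a BYOD smartphone and denies a device whose ownership could not be established.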
In addition, today’s policy management
systems let users configure their own
devices for secure Wi-Fi or wired
connectivity. Workflows that include
MDM/EMM data make it easy to detect
if a device is company-issued or BYOD.
This sort of security management
transition can’t be done in a firehose
fashion; security professionals agree that
a phased approach is the smartest way
to move from legacy AAA to centralized
policy management. IT departments can
then ensure that highly mobile workers
get seamless access to the apps, printers
and network services they’re authorized
to use, no matter where they are or what
device they’re using.
Managing in the BYOD Era
IT professionals have been sorely tested
by the BYOD trend with both internal
users and network guests. Managing
the onboarding process of everyone’s
personal devices can strain IT and
helpdesk resources, and if not properly
handled, can also create security
problems.
AHMED REZK
Channel Systems Engineering
Manager, Middle-East and Turkey
at Aruba, a Hewlett Packard
Enterprise Company.
INTELLIGENTCIO
Robust management platforms allow for
any Windows, Mac OS X, iOS, Android,
Chromebook and Ubuntu devices to be
automatically onboarded via a user-
driven, self-guided portal. Required