Three BYOD approaches - and the budget impact
By Ennio Carboni | Thursday, September 13 2012
Love it or hate it, BYOD is likely already affecting security, network performance and your budget (it can drive up costs by more than a third, according to some researchers). Here are three approaches to address these challenges.
This vendor-written tech primer has been edited to eliminate product promotion, but readers should note it will likely favor the submitter's approach.
Love it or hate it, BYOD
is likely already affecting security
, network performance and your budget (it can drive up costs by more than a third, according to some researchers). Here are three approaches to address these challenges.
* The Frugal Approach:
Some IT departments are "securing" their network by isolating all tablets and smartphone devices to a separate VLAN, outside the corporate network, where the only way to access internal resources is via VPN. There are no specific mobile management
capabilities, so IT utilizes existing network management
solutions to monitor network traffic inside and outside the VLAN to detect suspicious activity and ensure new demands on network bandwidth are being met. Does it work? Yes, for some organisations.
Is it optimal? No. You still lack visibility to discover who are the top bandwidth consumers and track these trends in the long term. Will it fit your existing IT budget? Yes, since you are probably repurposing the tools that you already have in place.
* The Big Brother Approach:
Some IT departments are willing to spend on dedicated mobile management capabilities. Costs add up quickly as more devices are introduced to the network. There are several approaches here as well - at various costs - but this approach is best for larger organisations or public companies that must met compliance regulations. For example, you can focus on the mobile endpoints and force end users to use a password. Another area to explore is encryption of any sensitive data, such as corporate email. You can select a SaaS solution that creates a so-called "dual-persona" environment
where some apps and data are cordoned off for enterprise use, others for personal use.
You can also spend more and purchase highly advanced functionality. For example, you can register and remotely manage all corporate mobile devices deployed on a network, from initial configuration and setup to automatically applying and tracking corporate policies. With some of these solutions, you can do very cool things such as enforce pass-code locking, or even wipe out all enterprise content when a device is lost or stolen, while maintaining personal files such as music, pictures or videos. As you can imagine, this advanced functionality comes at a high cost.
* The Wireless Pane of Glass Approach:
Many IT organisations are focusing on managing their underlying wireless infrastructure - like Cisco
and Aruba wireless LANs - while at the same time understanding who's using their wireless networks and for what purposes. Capabilities offered in this space range from live maps of controllers, LWAPs and user devices, to detection of rogue access points or reports on the encryption level and configuration of access points.
Some solutions can track user activity on wireless networks to the point of spookiness: You can track individual employees or visitors as they move around the building - how many meetings, where they took place, for how long - even where they had lunch. This is huge for security and legal issues, but also allows IT to have a complete picture of what departments and specific users are eating up bandwidth for work (and non-work related) tasks.
As we head into 2013 budget planning, we'll really see how IT plans are shifting because of BYOD - and who is still ignoring it. Network World
The author is president of Ipswitch's Network Management Division.