Hello everyone !
in this article i would like to relay my views of this subject
recently there has been a trend in the market called byod this basically is where the employee of
an organization is allowed to use their own personal devices such as laptops and mobile phones to perform
work functions this model has gone from the corporate and enterprise level right down to the SMB there has been
opposite opinons as to the effects this trend has on network security with the major argument being how do you
govern these personal devices ? in your corporate controlled network you have your baseline and you have your minimum security in place before every roll out your end points have up to date anti virus and firewall applications installed
and your systems are managed to ensure all system patches are deployed and installed across the network but how do you accomplish this same level of security when you have so many devices coming from outside the network ?
will mr bob employee have the latest patches installed on his system ? probably not
will ms employee have a anti virus on her computer that she brings from home ? if she doesn’t
what systems do you have in place to prevent the system from accessing the network ? or to have an anti virus
installed before the system is granted access
lets look at this example if BOB brings in his computer and his antivirus is not up to date and since the computer is not giverned by a startup script there is no verification if the system is updated otherwise latern on BOB click on a link to an infected file and the file is downloaded and executed on BOBs computer without warning because the antivirus is not up to date you now have a infected host on your network
the above is an example of how easy it would be for new attack vectors to be uncontrolable with this conecrpt
of course there are many other safe guards you can put in place but do you have those safe guards in place ?
are you willing to bet your comapnys reputation on it ?
the other issue is that of software licensing governance is the software on the personal computers of all your employes legally bought and paid for ? or was the software obtained illegally
the other issue is that of a changing Eco-system of operating systems and hardware BOB may use windows but SALLY uses OSX and TOM may use LINUX how do you troubleshoot when issues arise when your Eco system has changed so fast this is when polices have to be put in place for what system is acceptable and what requirements need to be met to deem the system fit to be brought to the workplace
there are pros of course the reduced cost of end point devices that need to be purchased but in terms of security
there still needs to be a lot more consideration for the business before adopting this trend because if this is thought thought out well you may leave your network security in shambles
So all in all Byod can be the future of the business but careful planning and consideration
need to be done by businesses at all levels before adoption
Until next time
Stay secure !!!