Brought to you by the Cisco Innovators Program
How many iOS, Android, and other mobile devices are using your company network?
Hint: The numbers are higher than you think.
"A client thought that they only had two or three iPad users on their business network," says Clay Ostlund, senior systems engineer at Marco, a Cisco Premier Certified Partner.
"When we polled the network with a Cisco Identity Services Engine (ISE), it showed there were 100 iPads active."
Welcome to the new work culture of bring-your-own-device (BYOD).
Many people will use their personal smartphone, tablet, or other mobile device on their employer's network, no matter what the IT policy is.
As a leader of your business, it's time to protect your company with BYOD security strategies. Here are seven ways to do it.
1. People First: Raise Awareness
Create a current acceptable use policy, communicate it to employees, and enforce it. An employee's ignorance, carelessness, or insubordination about security can pose a greater risk than a hacker does.
Also ensure that your IT staff is up to speed on security technologies and techniques for mobile devices. Techies who read on the subject, undergo training, and apply the expertise of Cisco Certified Partners can efficiently power up your protection.
2. Control Access to Your Network
"The simplest strategy is 'put in a firewall, set it, and forget it.' But that won't do the job," says Derek Bell, president at CMS IP Technologies, a Cisco Premier Certified Partner whose technical services specialties include wireless networking.
"The firewall must include an intrusion prevention system (IPS) that inspects what's entering, and be continually updated because security risks are ever changing," Bell says. "Users' devices, apps, and locations change a lot. You've got to continually monitor and tune all your security systems."
Simplicity and security can unite in an integrated solution. Cisco TrustSec® technology integrates IPS, ongoing security updates, and centralized identity management, as well as new context-aware firewall appliances that don't slow the performance of users' applications.
3. Apply Web Application Security
"Web security technology now lets you go beyond the URL level to tailor the web content that you want to block," says Ostlund. His company, Marco, provides data, video, and voice solutions and managed services; its specialties include network security.
"It's especially cool paired with other TrustSec components," says Ostlund, "because then you can control web usage by user and by device. For example, a school can let a student access YouTube when using a school-issued device, but not when using BYOD. You can also limit the bandwidth that a person can use on your network."
New Cisco® technology offers specific access controls for Facebook, Google+, LinkedIn, Twitter, iTunes, and 1000 other applications.
4. Secure the Wi-Fi Connections at Your Site
When BYOD users at your site try to connect to your network, you are clearly in control. Apply VLANs to segment your mobile device traffic, including a VLAN for guests. In addition to supporting multiple VLANs, some new access points have an antenna design that doubles the range of high-speed 450 Mbps rates, Ostlund says.
Consider a network access controller that streamlines the authentication of users and devices--whether their access is wireless LAN, cellular, wired, or virtual private network (VPN). Lacking this centralization, you'll have separate controls that cause higher IT overhead for system monitoring and management.
5. For Access from Anywhere, Use VPNs
When users are offsite--at home, in a coffeehouse, or traveling--a VPN can secure their connection to your network. To make it easy, you can provide users with a standard VPN interface for all their mobile devices, including iOS, BlackBerry, and Android.
6. Use Mobile Device Management (MDM) Software
To maximize security policy compliance, implement an MDM application. Cisco has partnered with several leading MDM vendors for integrated solutions.
7. Activate Security Features in the Devices
With or without MDM, you can require that mobile devices connecting to your network have activated their internal security features, including screen protection, software updates, and remote-wipe capabilities to erase data when the device is lost or stolen. In your acceptable use policy, address issues related to the ownership of data on devices.
When you're ready to say "yes" to the inevitability of BYOD--and the necessity of protecting your business--you can call on Cisco Certified Partners for security expertise, streamlined security solutions, and award-winning support.