Written By Dr Al Hartmann And Presented By Charles Leaver Ziften CEO
If you are not curious about BYOD then your users, particularly your executive users, most likely will be. Being the most efficient with the least effort is exactly what users want. Using the most convenient, fastest, most familiar and comfortable device to do their work is the main objective. Also the convenience of using one device for both their work and individual activities is desired.
The problem is that security and ease-of-use are diametrically opposed. The IT department would typically choose complete ownership and control over all client endpoints. IT can disable admin rights and the client endpoint can be controlled to a degree, such as just approved applications being installed. Even the hardware can be limited to a specific footprint, making it easier for IT to protect and control.
But the control of their devices is what BYOD proponents are rebelling against. They want to pick their hardware, apps and OS, as well as have the liberty to set up anything they like, whenever they like.
This is challenging enough for the IT security team, but BYOD can likewise significantly increase the quantity of devices accessing the network. Instead of a single desktop, with BYOD a user might have a desktop, laptop, smart phone and tablet. This is an attack surface gone wild! Then there is the issue with smaller sized devices being lost or taken or perhaps left in a bar under a cocktail napkin.
So exactly what do IT specialists do about this? The first thing to do is to develop situational awareness of “trusted” client endpoints. With its minimalist and driverless agent, Ziften can supply visibility into the applications, versions, user activity and security/ compliance software which is really running on the endpoint. You can then restrict by enforceable policy what application, business network and data interaction can be performed on all other (“untrusted”) devices.
Client endpoints will inevitably have security problems develop, like versions of applications that are susceptible to attack, possibly harmful procedures and disabling of endpoint security steps. With the Ziften agent you will be warned of these issues and you can then take restorative action with your existing system management tools.
Your users need to accept the truth that devices that are untrusted and too risky need to not be utilized to gain access to organization networks, data and apps. Client endpoints and users are the source of a lot of harmful exploits. There is no magic with current technology that will make it possible to access crucial corporate assets with a device which is out of control.