BYOD (Bring Your Own Device) is one of the buzz-acronyms de jour. The push for people to want to hook their own favourite computing/communication device onto the company network is an inevitable result of the rise of Smartphones and tablets.
Although the phrase “Personal Computer” came into being 30-odd years ago, it has only been with the development of smartphones and tablets that computers have become truly personal.
People carry their mobile computing device with them all day, and have semi-religious beliefs in the superiority of certain flavours of device. Moreover, the devices are affordable enough to become family hand-me-downs when the newer model is released. In the face of this, the concept of everyone conforming to using just a standard company-issued device is becoming an anachronism.
So, companies need to work out how to let users bring their own device, but still maintain a seamless and reliable IT service. The major challenges to overcome are:
- Authentication: If employees can just bring in any device they wish to, then how do you differentiate an employee-owned device from a device that Joe Public has just carried in with them?
- Virus protection: How do you prevent employees’ devices from injecting viruses into the network?
- Tracking who did what: How do you work out who visited that dodgy website, or filled up all the internet bandwidth with a big download?
Solving these challenges is an excellent opportunity for new upsells into existing networks.
Take authentication and tracking, this can be solved by implementing a comprehensive authentication and VLAN assignment system. Upgrading the network edge switches to those that are capable of Triple Authentication (802.1x, MAC Authentication and Web Authentication) provides a system that can authenticate any device, and prevent Joe Public from getting any access.
The authentication can be performed on the wired switches behind the Wireless APs, so the upgrade can be confined to the switch racks, rather than requiring replacement of the whole wireless infrastructure.
Ensuring that the switches are also capable of Dynamic VLAN assignment enables the allocation of a private IP subnet per user, which provides an excellent means of tracking who did what.
The key to the virus protection solution is installing a NAC (Network Access Control) server. This enables the network administrator to implement a system that enforces a devices’ level of virus protection and operating system security patches.
Of course, this is not relevant to all devices; but for those devices that are vulnerable to viruses, NAC provides a powerful and flexible solution.
BYOD is unstoppable. People can use their mobile computing devices on WiFi in cafes, and shopping centres. They expect to be able to do the same at work. In fact, they will increasingly resent a workplace that does not provide this now commonplace facility. Getting Network Admins and CIOs to embrace BYOD, as an opportunity to promote employee satisfaction and engagement can be a key driver for network infrastructure upselling.
This demonstrates that affordable and reliable solutions are already available that support BYOD securely and seamlessly, and you can turn BYOD support from a too—hard hassle into a satisfying business improvement project. Enhancing user satisfaction, whilst also improving network security and flexibility, is a compelling scenario.