The mobile era is fantastic from the standpoint of “freedom to work wherever” and “immediate connection to corporate network” – freeing us from the confines of our offices space via smartphones, laptops and iPad type computing devices. Now our offices, as we all know, are with us all the time – not only due to intellectual property provided by the companies, but also due to the “Bring Your Own Device” (BYOD) policy that allows us to connect our own devices to corporate offices anywhere and anytime.
This freedom comes with its own price - great for productivity but disastrous for security. It carries severe consequences if the BYOD is configured with very little or no password protection and antivirus, or with less restrictive access control policies.
For example, an unattended iPad left by a doctor leaves a plethora of patient information available for anyone to read. This can result in serious HIPPA consequences or massive data breach issues. A lost and unlocked mobile phone of a CEO is like an information hive for a thief, who can read personal and work related e-mails, text messages and more. Mobility without password protection is much worse than confinement to an office space.
Given that we have created an environment that allows users the ability to access corporate networks at will, a portable device connected to a corporate network can expose it entirely to Internet. Do most corporations want that? I don’t think so. It is time for corporations to think through their access control policies and tighten the belt around policies for mobile connection. What an employee can access from his corporate office versus what he can access from his BYOD needs to be revised.
Lastly, BYOD is not just business devices. Co-workers bring in smartphones, laptops, iPhones, and iPads and perform multitasking on them – reading personal e-mails, browsing websites, playing games, downloading videos or pictures, or simply plugging it into a corporate network for syncing data. For example, Dave was playing “angry” games in the elevator, then comes to his office and plugs in his phone. The phone was infected with a trojan virus and boom…. the corporate network is slow, or even down. His phone did not have antivirus installed and became a nightmare for the network administrators.
With all the bells and whistles that BYOD comes with, it is equally important that in this mobile era, we begin to conduct vulnerability assessment, putting intelligent access control policies in place to ensure that the porous network created by mobility doesn’t start to erode the network stability.
Michael Markulec, President & Chief Executive Officer of Lumeta Corporation is a sought after thought leader on cybersecurity and control systems security. Michael has authored papers and articles that have been published in several industry publications including CIO, Power Engineering, Information Week, and on NYTimes.com. Michael leads Lumeta's Internet Mapping Project and is frequently called upon to brief members of congress and high-level staffers at government agencies.
Want to learn more about today’s powerful mobile Internet ecosystem? Then be sure to attend the Mobility Tech Conference & Expo, collocated with ITEXPO West 2012 taking place Oct. 2-5 2012, in Austin, TX. Co-sponsored by TMC Partner Crossfire Media the Mobility Tech Conference & Expo provides unmatched networking opportunities and a robust conference program representing the mobile ecosystem. The conference not only brings together the best and brightest in the wireless industry, it actually spans the communications and technology industry. For more information on registering for the Mobility Tech Conference & Expo click here.
Stay in touch with everything happening at Mobility Tech Conference & Expo. Follow us on Twitter.
Edited by Brooke Neuman