Since the big marketing scam of Y2K, nothing seems to have caused a bigger commotion in computer networking than Bring Your Own Device (BYOD), says Ruckus Wireless.
“BYOD is scary, and scary sells products,” says Michael Fletcher, Sales Director for Ruckus Wireless sub-Saharan Africa. “However, the reality is that BYOD has become a bit like Y2K. It’s a big problem that isn’t really that big. Mobile is surging, but product distributors have blown it way out of proportion as users are making enterprises reassess their wireless strategies. But truth be known, most businesses really want to do a few simple things with BYOD:
Find an easy way to onboard all devices (organisation- and user-owned)
Automatically provide user-based policies when a user connects
See who is accessing the network with which devices
Extend wired security and design (content filtering, firewalls, and VLANs) to the wireless network
Add wireless capacity to networks with 2x, 3x, or 4x devices per user
Keep it simple, cost-effective and leverage existing infrastructure!”
“Understandably, some organisations (such as those with strict compliance requirements) need highly customised security policies in place. Where IT staff expertise and budgets are sufficient, we wholeheartedly recommend it. Yet despite the BYOD hype claiming that everyone needs all the customisation and then some, we’re hearing a different story from the middle of the enterprise market,” adds Fletcher. When it comes to BYOD, Ruckus Wireless is seeing that very few companies really want to implement every bell and whistle because:
· They don’t have time
· They don’t have the skilled staff
· They don’t have the budget
· They don’t see the need
· Or more likely, all of the above.
More important however, organisations already have the right network components to address their BYOD basics without having to purchase more network equipment:
- Authentication – they already securely authenticate users against the authentication server.
- Network security – many organisations have already invested time and energy designing proper network segmentation and security with VLANs, ACLs, firewalls, and content filters. Why replicate the configuration and complexity on wireless devices if you’re already doing it on the wire?
- Role-based access policies – the company knows who people are and where they belong on the network; now it’s time to use that information to make sure everyone gets the right access and nothing else. This can apply to device types too.
- Visibility – there are many devices in the network that can monitor who’s on your network and what they’re doing. A smart Wi-Fi system provides this information at the edge, where you can make provisioning changes as needed.
“Role-based access is often the biggest hurdle, but for those that have group policies wrapped up with a pretty bow, the new question that needs answering is whether all users and devices are the same. Users with personal devices are forcing the question. Thus, the basic problem surrounding BYOD is that users are known but devices aren’t,” says Fletcher. “IT needs to know what devices are on the network at any time and who owns them. But, network access has already been restricted by network security and segmentation (and any other overlay solutions in place, such as NAC and content filters).”
This raises some important questions:
How are personal devices initially provisioned to gain network access?
How is each device identified, associated with a user, and then tracked?
How is a user/device restricted to a WLAN or VLAN/firewall policy?
“BYOD shouldn’t be a scary concept, nor should it deter organisations and employees that want to reap the benefit that such flexibility has to offer. It’s just about cutting through the myths and the hype and really understanding the benefits, impact and necessary processes that need to be implements. Quick setup. Easy access. Productive users – how BYOD is meant to be,” concludes Fletcher.