Intelligent Tech Channels Issue 02 | Page 45

INTELLIGENT MOBILE TECHNOLOGY

their day and work with multiple devices.
With this model, laptops can be given more rights than smartphones based on device type, for example. Policy management takes all those factors into account and dynamically enforces which resources can be accessed.
In addition, today’s policy management systems let users configure their own devices for secure Wi-Fi or wired connectivity. Workflows that include mobile device management and enterprise mobility management make it easy to detect if a device is company issued or BYOD.
This sort of security management transition cannot be done in a firehose fashion; security professionals agree that a phased approach is the smartest way to move from legacy to centralised policy management. IT departments can then ensure that highly mobile workers get seamless access to the applications, printers and network services they are authorised to use, no matter where they are or what device they are using.
IT professionals have been tested by the BYOD trend with both internal users and network guests. Managing the onboarding process of everyone’s personal devices can strain IT and helpdesk resources, and if not properly handled, can also create security problems.
Robust management platforms allow for any Windows, Mac OS X, iOS, Android, Chromebook and Ubuntu devices to be automatically onboarded via a user-driven, self-guided portal. Required SSIDs, 802.1X settings and necessary device certificates are then automatically configured on authorised devices.
By working with unique device certificates, users do not need to enter login credentials repeatedly throughout the day, or worry as much about password theft when connected to guest networks. Menu-driven capabilities ensure the rapid revocation and deletion of certificates for specific mobile devices if a user leaves an organisation or if the device is lost or stolen.
The BYOD challenges do not just apply to internal users. Any visitor, guest, customer, partner or other external third party will arrive with at least one device that requires network access – wired or wireless. Good security management requires a simple model that automates and simplifies the provisioning of network access for guests, but also provides expansive security features that keep data, computing resources and other users safe.

They seek security management that is both adaptive to how people work and is easily customised
Self-registration lets guests create their own log-in credentials, which are delivered via printed badges, SMS text or email. Credentials can be stored for specific periods of time and set to expire automatically. Guest traffic on the network should also be configured to run separately from enterprise traffic.
Today’s most robust security management platforms allow guest portals to be customised with options like advertising and local language support. Guest policy management must also include the ability to set bandwidth limitations on guest sessions to maintain service-level agreements and robust throughput for all users.
Also recommended are network access management systems that integrate with next-generation, application-aware firewalls for additional protection against non-HTTP traffic and content filtering that prevents access to inappropriate or offensive websites.
Prevention is especially good medicine for the security of enterprises and their datacenters. IT must have the means to perform endpoint health checks to ensure that laptops are fully compliant with internal requirements, including checks for the latest patches and updates, before they are allowed to connect.
In addition to system-wide, per-session protection, enterprises should be able to specify whether to allow or deny capabilities like peer-to-peer applications or USB storage devices. Administrator dashboards make it easy to identify non-compliant devices, users, and the reasons for non-compliance.
Access can be denied if storage is not encrypted; this also gives IT leverage with users to ensure that offending laptops get updated as needed. Endpoints that are not in compliance can be automatically remediated or quarantined with today’s security management platforms.
These sorts of security functions are no longer just nice to have; they are essential for today’s competitive business. And with the advent of cloud computing and an explosion of IoT devices, robust security management is essential for enterprises. End-users, accustomed to high levels of performance, easy access and self-service, expect the same of business networks.
Security platforms that integrate policy management with authentication, authorisation and accounting will lay the groundwork for more robust computing and IT-fueled productivity. And they will keep networks, devices, data and users safe in the process.
Ahmed Rezk is Channel Systems Engineering Manager, Middle East and Turkey at Aruba