Your IT team sees people in hallways; conference rooms; sitting outside the building—and they’re all using a mobile device. Even the CEO and the VP of Business Development have new iPads. In fact, according to Gartner, 90 percent of organizations will support corporate applications of some sort on personal devices by 2014. Clearly, it’s time to develop a plan that will enable your organization to support the growing use of personal smartphones and tablets on the organization’s wireless network. But what about network access security?
As the popularity of personal devices in the workplace has grown, organizations have to consider not only security, but also wireless bandwidth issues, privacy, and compliance-related concerns. Typically, users either circumvent policies to get their own devices connected, or IT teams are forced to create holes that can compromise the security of the organization. Security versus access is something that every IT team eventually must face, but there is a fairly simple fix available for this problem, and understanding user identity is the key.
In a scenario where dozens or possibly even hundreds of personal mobile devices desire access to a network, it’s imperative that IT organizations are able to tie a user’s identity and role to the devices they are connecting to within that network. Once that information is known, access policies then help control what and who are on the network, and differentiates their access based on the user’s role and if these new devices meet certain guidelines. This correlation provides valuable network visibility while also helping to pinpoint possible security holes. Additionally, this type of insight enables organizations to take a proactive stance of tracking, logging and managing every mobile device, instead of guessing how they’re being used.
Most experts believe that allowing devices that users feel comfortable using will foster productivity and help reduce corporate expenses. Anecdotes, like the following from a financial services representative allowing the use of personal iPad tablets onto his wireless network, abound: “The ability to quickly adapt the network to support these new devices is a key security advantage in our industry, as regulations and auditing are a large part of the business.” By being proactive this company is reducing its exposure and also providing invaluable oversight that ultimately protects the customer.
So where do you start? The first step is to determine if your existing network access equipment and policy solution are adequate. Can you easily identify users and devices, perform pre and post-authentication checks, allow and deny access, and then selectively grant proper network access privileges? A modern network access security solution should be able to deliver all of the preceding capabilities plus built-in identity role-mapping, NAC, AAA services, finger-printing and real-time endpoint reporting.