Story image

Improve productivity with BYOD

30 Dec 2014

Access versus security - it shouldn’t be a trade-off, says Fortinet’s Scott Cowen. He offers some security tips for the mobile workforce.

Enterprises can improve productivity by supporting BYOD (bring your own device) capabilities for management and staff. 

Users should be able to log on to the corporate LAN, either wired or wireless, from the device of their choice, access the application services they need and then exit the system. But, to ensure that only authorised users can do so, stronger security must be implemented .

The challenge for IT managers is to maintain real-time visibility of both traffic and application services, not only to guarantee a quality user experience but to add another level of protection against abuse or unauthorised activity.

To do this savvy managers are ensuring that access to the network (either wired or wireless) is based on a combination of authentications based on both user and device. This is achieved with a unified approach to security that adds protection at every node on the network.

From Wi-Fi to a secure wireless LAN The key is to start with the premise that there is ONE network, regardless of how users are connected to it – wired, wireless or remote access.

This can only be achieved if you integrate a single, comprehensive security-centric infrastructure - the so-called unified access layer - into the network’s fabric. A secure environment with a common set of rules and policies that determine the level of user access based on their needs/roles, not by which access method they use.

All of the components on the network have to be secured: the gateway, servers, switches and access points. Secure gateways are nothing new, indeed most gateways have embedded firewalls, application control, web filtering and intrusion prevention as standard features.

These features secure the LAN behind the gateway. But, with the advent of BYOD, there is now a back door that can bypass the secure gateway and provide unauthorised users a free hand.

Authentication, single sign-on and ID  Authentication is a standard feature of wired LANs. Extending authentication to the wireless world has traditionally been difficult and entails separate security for both access layers and infrastructure layers. Not only does this entail more operational overheads but it is cumbersome for users as they log on and off the WLAN. Hence the rise of single sign on (SSO).

SSO essentially takes advantage of the identity management capabilities inherent in the security-centric infrastructure to identify the user by both name and device. SSO interacts with other authentication servers on the network to act as a central repository for user identification. This in turn improves the user experience by reducing the number of logins that a user must execute. And once users are identified and authenticated, they are governed by a set of policies defining their resource access rights.

The secure WLAN: Access and security Corporates need to make it easy for staff to work from any device, any time and in a secure manner. The technology has caught up with the requirement and is now available at a reasonable cost. Building security into your WLAN is no longer a separate exercise but a vital component of the security-centric infrastructure. It’s the most cost-effective and accessible strategy to remove the ‘access versus security’ trade-off from your network. 

Scott Cowen is the New Zealand and Pacific Islands channel director for Fortinet, which provides high performance network security.

Flashpoint announces new features on intelligence platform
The platform now features new dashboards and analytics, expanded datasets, chat services and communities, and industry alerting.
Hitachi Vantara to offer data protection as-a-service
Hitachi Vantara has introduced data protection and data storage offerings that embrace the as-a-service model and come as pre-engineered, fully managed services.
TIBCO aids in effort to boost Vietnam's data talent pool
Training will include ways to understand data analytics, and skills to support the country’s push towards digital transformation.
Tech leaders already seeing the impact of automation
“It is our strongly held belief that the prosperity of New Zealand is inextricably linked to how well our organisations embrace a digital future."
Snowflake & Anodot to offer AI-based anomaly detection
Customers will have access to Snowflake’s built-for-the-cloud data warehouse and can receive instant alerts and insights from Anodot for potential issues before they cost customers significant ROI.
ABS and Google Cloud partner to demonstrate the feasibility of AI-enabled corrosion detection
The project successfully demonstrated the accuracy of AI in detecting and assessing structural anomalies commonly found during visual inspection.
Aerohive launches guide to cloud-managed network access control
NAC for Dummies teaches the key aspects of network access control within enterprise IT networks and how you can secure all devices on the network.
Sungard AS named DRaaS leader by Forrester
It was noted for its disaster-recovery-as-a-service solution’s ability to “serve client needs at all stages of their need for business continuity.”