Security Defenses: 10 Ways To Circumvent Threats With a Sound BYOD Policy
Design for Your Fears
Embrace, do not fear, rapidly evolving computing realities. The typical IT design for the cloud considers that the exceptions of yesterday's business world have become the assumptions of today's world. Personal productivity devices in the workplace, combined with the security threats and attack tactics associated with them, must be balanced with the business imperatives for agility, compliance and innovation. By designing for your fears, bring your own computing (BYO) and the cloud achieve the synergistic goal of optimizing productivity and security while empowering both workers and IT. One of the first fears to get over is consumerization.
Remember that consumer technologies gave us our first real glimpse of computing's future. Furthermore, social media, when used effectively, leads to a higher level of collaboration. Gesturing and kinetics lead to "immersive computing." And we're seeing early signs of this megatrend leading to the eventual "humanization of computing."
Make IT Personal
Remember that BYO is more than a device; BYO embodies personal choice over the entire computing environment. The computing experience for the cloud era is custom-tailored to the individual. It is no longer one-size-fits-all. By making IT personal, the use of devices, applications, data and even the security experience can be fit-to-purpose and therefore be more relevant to business. Keep BYO personal by keeping sensitive enterprise data off unmanaged consumer-grade BYO devices.
Refocus on Networking
With services moving to the cloud and people connecting to applications and data, networking infrastructure is more important than ever. Today's networks are required to be high-speed, highly redundant, resilient and secured against compromise. Cloud computing and virtualization requirements also demand that networks are portable. To maximize this portability, take the network out of the guests and hosts using network isolation through virtual services.
To advance security for the cloud era, it is imperative to refactor access to more than a simple yes/no and who/what is banned from the network. These effective access decisions must be made using the 5 W's of access: Who, what, when, where and why. Or, in other words: Identities + Devices + Situations + Locations + Usage Cases. Systems, networks, applications and services must integrate the expression of user, device, session and data control attributes to effect the proper access decisions. Using who, what, when, where and why for access allows more control over complex data relationships.
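The graded, attribute-based decision described above can be sketched as follows. This is an added example, not code from the original article; the roles, locations, business hours and the three outcomes are constructed assumptions chosen to show the 5 W's combining into more than a yes/no answer.

```python
from dataclasses import dataclass

# Graded outcomes, so the decision is more than a simple yes/no.
DENY, VIRTUAL_ONLY, FULL = "deny", "virtual_session_only", "full_access"

# Constructed policy tables (assumptions for illustration).
ROLE_USAGE = {"finance": {"read", "download"}, "contractor": {"read"}}
TRUSTED_LOCATIONS = {"office", "home"}
BUSINESS_HOURS = range(7, 20)  # local hours 07:00 to 19:59

@dataclass(frozen=True)
class AccessRequest:
    who: str         # identity: role of the authenticated user
    what: str        # device: "managed" or "byo"
    when: int        # situation: local hour of the request, 0-23
    where: str       # location: "office", "home" or "unknown"
    why: str         # usage case: "read" or "download"
    data_label: str  # data control attribute: "public" or "sensitive"

def decide(req: AccessRequest):
    """Return (outcome, reasons) for one request."""
    # Who + why: the identity must be entitled to this usage case.
    if req.why not in ROLE_USAGE.get(req.who, set()):
        return DENY, ["usage case not permitted for this identity"]
    if req.data_label != "sensitive":
        return FULL, ["data is not sensitive"]
    # Where: sensitive data is only served to known locations.
    if req.where not in TRUSTED_LOCATIONS:
        return DENY, ["sensitive data requested from untrusted location"]
    outcome, reasons = FULL, []
    # What: an unmanaged BYO device only gets a virtualized session,
    # so the sensitive data never lands on the endpoint.
    if req.what != "managed":
        outcome = VIRTUAL_ONLY
        reasons.append("unmanaged device")
    # When: outside business hours, step down to the isolated session.
    if req.when not in BUSINESS_HOURS:
        outcome = VIRTUAL_ONLY
        reasons.append("outside business hours")
    # A download cannot be honoured inside a virtual-only session.
    if outcome == VIRTUAL_ONLY and req.why == "download":
        return DENY, reasons + ["download would copy data to the endpoint"]
    return outcome, reasons or ["all attributes satisfied"]

if __name__ == "__main__":
    print(decide(AccessRequest("finance", "byo", 10, "home", "read", "sensitive")))
```

Returning the reasons alongside the outcome gives the audit trail a record of which attribute drove each decision.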
By viewing networking as relationships, networks can evolve to meet the demands of the cloud era. Cloud era networks are social, federated and service-enabled. Granular access is integrated. BYO is a given. Single sign on, security optimization, branch services and follow-me-data are essential for optimal productivity. Thinking in terms of relationships is also transformational for security.
Virtualize to Secure
Virtualization is a tailoring of computing to business needs, opportunities and innovations. This evolution is driving slow incremental changes to existing applications and processes while enabling wild innovation for those who start anew, especially for those who transform security through virtualization. Effective virtualization security protects mobility, collaboration and social computing through isolation of sensitive resources. BYO cannot be effectively secured without virtualization.
Multitenant is an ownership, management and security model, and it's the new reality in the world of cloud computing and BYO. A proven multitenant design is essential to proving compliance and privacy in clouds and other shared-ownership models. Designing for multitenancy to protect administrative, tenant and external services from each other is a must today. Good fences make for good neighbors.
Own Your Own
The need to manage the device is one of the first requests from IT, but it is no longer always desirable or necessary. With BYO, the worker owns the device. The organization needs to manage BYO access to sensitive data, and not manage the BYO device itself. Own what you manage, manage what you own. Own your own data. Own your own encryption. Today the question is, "Do I really need to own devices, or just the sessions and data that will be utilized on them?"
In Cloud We Trust
More than the simple measures of security, the ultimate goal of the cloud is trust. Cloud trust is built on the principles of security, privacy, transparency and accountability. From architecture to audit, as the cloud is increasingly used for identity, trust services, trusted collaboration and other innovations, people, process and technology must support these core principles of trust.