Business love BYOD, and for good reason. Employees often consider the freedom to use their own devices a perk, and the enhanced mobility they have to access corporate applications and services can be a significant productivity boost. On the operational side, meanwhile, BYOD frees IT staff—and company budgets—from the burden of sourcing, purchasing, and supporting corporate devices. Ultimately, BYOD is a money-saver. In fact, according to a 2012 Cisco study, it can save companies "anywhere from $300 to $1300 per employee."
But BYOD isn't without its risks. A VAR cognizant of those risks, and how to mitigate them, is in a strong position to help customers build out secure BYOD security infrastructure, increasing revenues and strengthening customer relationships. Here are three BYOD security concerns to consider.
1. Mobile malware
These days, mobile devices serve as the platform for a universe of applications, almost all of them cheap or free and readily available for download at the click of a link. The dark side of this is the ease with which the authors of malicious software can now infiltrate mobile devices. Malicious code inserted into a seemingly innocuous mobile app on a device with access to a corporate network can quickly infiltrate and infect that corporate network. And network outages are just one of the many dire consequences of such a scenario. Mobile malware opens businesses up to stolen login credentials and the loss of sensitive, protected, or proprietary data. To help customers protect themselves, VARs must know the Mobile Device Management (MDM) and endpoint security options and how they integrate into their customers' overall security and network infrastructures.
2. Unauthorized network access
Closely related to the problem of mobile malware is the threat of unauthorized devices gaining access to corporate networks. When an organization opens up its internal network to employees' personal devices, it may also open its internal network up to connections from wholly unauthorized devices connecting for nefarious purposes. As with mobile malware, the threats are significant, with data exfiltration and network malfunctions among the worst. The security landscape is evolving to meet these threats, however. The Network Access Control (NAC) appliance and solution market is experiencing a resurgence in interest, with leaders like ForeScout developing new approaches to BYOD security. Here, again, you'll need to understand not only the solutions available, but how they integrate with the rest of your customers' security and network infrastructures.
3. Willful noncompliance
Unfortunately, as with any other corporate policy organizations will eventually have to deal with employees who refuse to remain compliant. Whether they're using their mobile devices to access or share corporate data in unsecured environments, or bringing unauthorized devices onto the corporate network, noncompliant employees pose a significant risk to enterprises' BYOD security. VARs who can combine MDM and NAC expertise with knowledge in DLP detection and enforcement products and user activity monitoring solutions will have an edge when it comes to BYOD security, which requires a holistic approach.
BYOD creates security challenges that cannot be ignored, and companies should not jump into it unprepared. As a knowledgeable VAR, you can be in the perfect position to impress customers with your ability to reduce their costs and improve their efficiency without reducing their security posture.
What challenges has BYOD created for your customers? Let us know in the comments.