Software defined networking (SDN) and Bring Your Own Device (BYOD) are two of the hottest communications trends to hit the enterprise in recent years, and you’re probably at least somewhat familiar with both. But have you seen the connection between the two yet? At first glance, the decision to allow employees to use their own devices for work purposes might seem worlds apart from the abstraction of network intelligence out of hardware and into a centralized software controller. The fact is that SDN and BYOD have a connection, and it’s a big one. In short, SDN can greatly enhance BYOD security. Let’s take a look at why and how.
BYOD and the enterprise network
When an organization opens its doors to BYOD, it opens up its network to potentially vast numbers of unfamiliar devices more or less outside of company control. This creates a very different environment than one in which only company-owned, IT-configured devices have access to the company network, for several reasons. The biggest reason is that opening the door to employee devices often has the effect of opening the door to many more devices. It’s not just one laptop or desktop per employee anymore. Instead, it’s more likely that an employee will walk in the door with a laptop, a cell phone connecting to the corporate network to conserve mobile data, and perhaps a tablet or other handheld or wearable device on top of that.
All those devices add up to a much greater number of potential attack vectors for malware, viruses, and hackers to exploit. They also provide many more avenues for corporate data to be accidentally or intentionally exfiltrated. Data breaches, as we know from the succession of high-profile ones this year alone, can cause privacy and compliance violations that expose the organization to the ire of regulatory bodies and the wrath of the public.
Mobile Device Management (MDM) and Enterprise Mobility Management (EMM) solutions can greatly strengthen BYOD security, of course, but SDN can go even further thanks to its emphasis on automated, policy-driven network control and traffic shaping. Security policies and access privileges can follow a user from device to device, for example, allowing for consistent enforcement no matter what endpoints a user connects to the network. Additionally, bandwidth use limitations can be set based on user, application, data type, or even device. In addition to making large downloads of sensitive files harder to carry out and easier to detect, this has the side benefit of ensuring that limited bandwidth is optimally allocated, rather than wasted on unimportant activities.
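As an added illustration (not code from this article or from any SDN product), the sketch below shows a controller-style decision function in which policy is keyed on the authenticated user rather than the device, so a per-application byte budget is shared across all of that user's endpoints. The class, policy table, MAC addresses and budgets are hypothetical, constructed sample data.

```python
from collections import defaultdict

# Constructed sample data: each user maps permitted applications to a byte
# budget per accounting window. Names and numbers are hypothetical.
POLICIES = {"alice": {"mail": 50_000_000, "crm": 200_000_000}}

# Device MAC -> authenticated user, as a controller might learn at network login.
SESSIONS = {
    "aa:aa:aa:00:00:01": "alice",  # laptop
    "aa:aa:aa:00:00:02": "alice",  # phone
}

class PolicyController:
    """Hypothetical central decision point: policy follows the user, not the device."""

    def __init__(self, policies, sessions):
        self.policies = policies
        self.sessions = sessions
        self.usage = defaultdict(int)  # (user, app) -> bytes seen this window
        self.alerts = []               # (user, app, mac, total_bytes)

    def decide(self, mac, app, nbytes):
        user = self.sessions.get(mac)
        if user is None:
            return "deny"              # device has no authenticated owner
        budget = self.policies.get(user, {}).get(app)
        if budget is None:
            return "deny"              # application not permitted for this user
        # Usage is summed per user, so traffic on a second device counts
        # against the same budget as traffic on the first.
        self.usage[(user, app)] += nbytes
        if self.usage[(user, app)] > budget:
            self.alerts.append((user, app, mac, self.usage[(user, app)]))
            return "throttle"
        return "allow"

def run_demo():
    ctl = PolicyController(POLICIES, SESSIONS)
    flows = [  # constructed flows: (device MAC, application, bytes)
        ("aa:aa:aa:00:00:01", "crm", 120_000_000),      # laptop, within budget
        ("aa:aa:aa:00:00:02", "crm", 100_000_000),      # phone pushes user over budget
        ("aa:aa:aa:00:00:02", "filesync", 1_000_000),   # app not in the user's policy
        ("bb:bb:bb:00:00:09", "mail", 1_000),           # unknown device
    ]
    return [ctl.decide(*f) for f in flows], ctl.alerts

if __name__ == "__main__":
    print(run_demo())
```

Because the counter is keyed on `(user, app)`, the second flow is throttled and logged even though neither device exceeded the budget on its own.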
Thanks to the conflict between increasingly strict regulatory compliance requirements and enterprises’ desire to cut costs and improve productivity through BYOD, the BYOD security market has become a large and thriving one with much to offer. But silos are rapidly breaking down within the enterprise IT environment. Networking and BYOD security are no exceptions. An organization with no interest in SDN is unlikely to adopt it just for BYOD, but as the SDN trend continues to gain momentum, more companies (BYOD ones among them) will be in the right position to leverage their software defined networking initiatives for BYOD security.
What other connections do you see between SDN and BYOD security? Tell us your thoughts in the comments.