Strong Policies A Must for ‘Bring Your Own Device’

The trend for Bring Your Own Device (BYOD) is accelerating. Increasingly, workers are using their own devices for work. In the case of smartphones, they are even paying for their own monthly plans. As a result, more organisations are opening up their networks to non-corporate devices and are seeing everything from employees’ iPads to the latest Android gadget walk through their doors.

The proliferation of personal devices in the work environment paves the way for untold efficiencies and increased productivity, not to mention lowered carrier costs. Studies have found that employees are happier and more efficient when they use devices and applications of their choice for work.

However, surprisingly few firms have policies in place to adequately secure the influx of mobile devices entering the workplace. Without these policies, many have no choice but to say no to the devices, and consequently to greater productivity and higher cost savings.

An independent survey of 300 mid to large enterprise IT decision makers in Europe, commissioned by global security specialists Fortinet, found that 60% of respondents are concerned about their ability to secure corporate data in this new user-led IT environment. Most companies are not confident of, or do not have the means to secure personal mobile devices and 66% of respondents say they only allow the use of corporate devices onto which security policies can be enforced. While 21% of enterprises place responsibility for securing personal mobile endpoints directly with the owners of those devices − a dangerous practice.

It is easy to understand an enterprise’s reluctance to embrace employee-owned devices. Generally, these devices are devoid of the most basic security features incorporated in practically all workplace PCs. Meanwhile, the agility enabled by personal devices means that business critical apps will be accessed from any network in any location, leaving a staggering amount of sensitive data on the devices, whose exposure could be highly detrimental to the business.

However, it’s getting tougher for firms to say no to BYOD. So what’s the answer to managing the security challenges? Here are three IT measures that would provide some peace of mind for organisations:

Implement A Relevant Mobile Policy:

Organisations should take time to assess their goals and determine relevant threats to the network (e.g. malicious websites, productivity loss, excessive bandwidth usage). Key questions to ponder are:

  • What applications are required, and which are not permitted?
  • Which employees will be allowed to use these devices?
  • Who has network access based on who, what, where and when?

Companies should also control access based on the need-to-know, and conduct continuous vulnerability assessments. And they need to enforce the policies they have laid down.

Remote Management Software:

It’s important to be able to apply the range of basic security functions such as antivirus or remote data wiping software to any device housing corporate data. Remote management software gives IT the ability to automatically update users’ devices with the latest patches to prevent any existing vulnerabilities from being exploited. Firms should implement centralised remote locate, track, lock, wipe, backup and restore facilities so they can protect, retrieve and restore corporate data on lost or stolen mobile devices.

Blocking Non-Compliant Devices:

Workers are often eager to use their personal devices for work but reluctant to install additional software − some of which might have the potential to wipe their personal data from their phone, tablet or laptop. As a compromise, firms could allow their workers to use their own devices IF they agree to install certain apps in accordance with the organisation’s security policy. An alternative solution could be the use of dual persona phones that have two logical partitions – one for professional and the other for personal usage, with IT having complete control over the professional partition.

Ultimately, in order to effectively protect their corporate networks and data from potential threats from mobile devices, organisations must handle the security issue at the network level rather than at endpoint level. However, it is very difficult to protect individual phones and tablets by using security agents. Mobile devices often do not have enough computing power and there are too many types of OS and devices to maintain up–to-date agents. User-wise, it is very difficult to enforce the installation of security software on personal devices that employees bring at work.

The only effective solution is to make sure that the core network is protected and that the enterprise can control both inbound and outbound access to the corporate network from external devices. This network security strategy requires strong control over users and applications on top of device management. It requires IT organisations to have the power to detect and control the use of applications on their networks and endpoints based on application classification, behavioural analysis and end-user association, and to detect and control web-based applications at a granular level, including inspecting encrypted application traffic, regardless of ports and protocols used.

Organisations need to put in a fair amount of effort to adapt and switch to a new way of supporting their employees, but there is no alternative − BYOD is here to stay and IT managers just have to get ahead of the curve.

 By Mark Hyland, UK Country Manager, Fortinet

Is The Mobile Optimisation Message Really Getting Through?

It’s no secret that we are becoming a global community of smartphone worshipers. With year on year increases of adoption looking more and more like phone numbers, the mobile web is, without question, the new frontier for online business. And with any new frontier, there will be those who understand the terrain and find gold and those who don’t … and find rocks.

Web adoption itself, back in the 1990s and early 2000s, was, undoubtedly, a phenomenon. Developers dashed, money flowed, bubbles grew and investors got very rich, or very poor, very quickly. It was a time of mass conjecture about consumer demands & behaviour which spawned the greats such as Amazon, Ebay & Google and spurned the not-so-greats – you might have to, er, Google boo &

The current speed of adoption of the mobile web is 8 TIMES FASTER. Yes, 8 times.  And it’s not just idle traffic either. Online consumers are no longer the wide-eyed wanderers who would marvel at a moving image on their computer screen, they are now informed, impatient and agile and the mobile web is rapidly becoming their new playground.

In a recent survey of mobile web users carried out by the Compuware Corporation; 71% expected websites to load as quickly on their mobile phones as their desktops with 74% only willing to wait five seconds or less for a page to load. 46% would be unlikely to return to a website that they had trouble accessing via their phone and 34% said they’d likely visit a competitor’s mobile site instead.

So, what if you’re doing it right?

While the highly negative impact of an inadequate mobile presence is there to see, for businesses that are doing it right, it seems there is a similarly dramatic, positive pay off.

A recent study by web analytics solution, KISS Metrics, showed that a site optimised for mobiles is able to generate almost twice the average traffic per user than sites which haven’t. And it’s not just user engagement which is enhanced; the research suggested that, on average, visitors are 51% more likely to actually do business with an online retailer if it has a mobile site.

Given the compelling evidence on the benefits of mobile optimisation, it seems staggering then that, in a study carried out by Magus in partnership with Investis, still only 20% of the UK’s largest corporations currently provide support for mobile devices.

Slow on the uptake

The apparent lack of endeavour by business to go mobile seems to be predominantly due to;

  • The sheer speed of growth of the mobile web which has meant that even larger businesses with strong strategic focus and awareness of the opportunities are struggling to keep pace with a domain that is evolving so rapidly.
  • Businesses having to re-educate themselves and evaluate how to best transfer the functionality and consumer experience which has been developed for their desktop sites, to the different priorities and requirements of their mobile visitors.

The way forward

As is commonly the case, businesses with foresight who adopt early will see the greatest benefits in the gold rush.  With the current speed of changes taking place with the mobile web, even brand new enterprises, which enter the field fully understanding the mobile game, will likely enjoy huge rewards while recognisable heavyweights which don’t catch on quickly enough, might well see themselves disappearing out of view.

Go mobile now

Unlike the early days of web adoption where getting a company website up and running was potentially time consuming and costly, getting a mobile optimised site these days can be cheap and quick. With services such as goMobi from Daily Internet, a mobile site can be created from an existing website dynamically within minutes and then modified wherever required. While some businesses will want nothing less than a feature-laden bespoke solution, the DIY approach can ensure an almost immediate branded mobile presence.

Create content with mobile in mind

Web content is, even now, commonly created with a one-size-fits-all mentality. In order to properly engage mobile customers, consideration must be given to creating stand-alone content which is mobile specific, tailored to the requirements and priorities of people on the move.

Mobile marketing & strategies

Due to marketing to mobile users still being a relatively new technology, data remains scarce on its power and ROI but, with over 13% (and growing rapidly) of all UK web traffic now coming via mobiles, it deserves serious consideration in any marketing strategy.

And if none of the above has convinced you, take it from someone who’s had his share of online success, Google CEO and Chairman of the Board Eric Schmidt who recently heralded “mobile first in everything” as the new rule at Google.  Enough said.

By Abby Hardoon, CEO & Founder of