Last month, we sat down with Sasi Murthy and discussed the pros and cons of BYOD (bring your own device) and outlined specific best practices for federal agencies to employ. Yet with the rapid growth of BYOD, we wanted to examine the buzz and take a deeper look into application control. We’ve reach out to Tim Chiu, Director of Product Marketing at Blue Coat for some insight:
Bring Your Own Device (BYOD) is one of the latest buzz words in security. In case you aren’t completely caught up with the news, it refers to the proliferation of smartphones and tablets that employees are bringing into work and attaching on to the organization’s network. One analyst estimates the average employee owns 2.4 devices that they bring into work and connect to the corporate network.
This brings a number of challenges to the agency, including how to enforce overall policy on these devices, which may not be managed by the agency’s IT group.
While typical web-access and web application policies may be enforced by the secure web gateway or proxy when the device is on the organization’s network, there’s the issue that mobile applications that are downloaded from app stores typically do not use the same websites, URLs and even commands as their web based counterparts. A secure web gateway that’s not ‘mobile application aware’ isn’t going to be able to enforce policy on the Facebook or Twitter app on the smartphone or tablet, even if it can enforce it on the same web pages.
For an agency that’s concerned with enforcing corporate policy on the network, having a secure web gateway that not only recognizes URLs used by mobile applications, but also one that has fine grained control over operations in mobile applications is key to being able to offer custom access to specific parts of applications as needed by different groups or individuals in the organization.
Mobile application controls are similar to web application controls, in that they offer the ability to limit access within an application, such as the ability to allow users to read a twitter stream, but prevent the ability to “tweet” out a message from the corporate network, which may contain confidential or secure location information. These controls can also prevent downloading and/or uploading of files on certain applications, like the file sharing application “Box”. That’s important to make sure the device doesn’t get infected and helps to prevent data loss of corporate information and assets.
The other challenge BYOD brings is around performance and bandwidth. While the secure web gateway may have enough performance and bandwidth for one device per employee, what happens when there is three devices in use by the employee and all three are checking and updating email and Facebook at the same time? These devices also have a bandwidth challenge when they download updates to their operating system and applications. For example, for Apple devices, iOS updates have been rather large lately, and if every iOS device downloads their updates during work hours, these updates can very quickly overwhelm a WAN link. BYOD only promises to increase the number of devices on the network as the tablet and smartphone market continues to grow.
It’s time to make sure your secure web gateway has up to date technology to handle BYOD and mobile applications, as well as enough capacity to handle the coming increase in bandwidth requirements.
To read more, go to the original post at http://bluecoat.com/security/security-archive/2012-07-13/byod-and-need-mobile-application-controls. This month, Blue Coat announced mobile application controls to give IT greater control over mobile devices on the agency network. Read more here.