November 8, 2013

If organizations allow their employees to bring personal devices to the office, they also have to gauge the impact on their network’s performance. The number of devices connecting to the network will suddenly increase manifold, given that most users carry smartphones and are increasingly connecting to the Internet with them. Plus, a lot of users also carry tablets, which also connect to the Internet over WiFi. We spoke to three experts from A10 Networks, Array Networks, and ProPalms Networks to find out how significant this impact is, and which technologies are available to handle it. Here’s what they had to say.


“Application Delivery Controllers can help organizations restrict the number of available ports to each user to prevent over-consumption”
Shalendra Singh, Country Sales Manager, A10 Networks

Impact of mobile user growth on network performance and reliability
In today’s office environment where most laptops are connected to the corporate network via Wi-Fi, there is the risk that the increase of BYOD devices will cause an unexpected traffic increase and associated network performance issues. Mobile devices such as smartphones and tablets send much more signaling traffic than laptops. In order to extend battery life, so-called “always-on” applications (email, social networking, gaming, news, etc.) on these devices continuously open and close Internet connections. This means the number of connection setups on the network increases significantly. For example, when many smartphones are connected to the Wi-Fi network, mobile applications open many TCP ports and consume a large number of available resources, potentially making the Wi-Fi network unstable. This will lessen the availability and user experience of mission-critical applications that are running on the Wi-Fi network, resulting in reduced business productivity.

Key network design considerations for a ‘Mobile-First’ strategy in the enterprise
The implementation of Application Delivery Controllers (ADCs) can help organizations meet the demands of mobile user growth. ADCs can increase the performance and reliability of the network with a redundant high availability (HA) configuration and restrict the number of available ports to each user to prevent over-consumption. In addition, there is a need for stringent network design and enhanced security policies to allow mobile users to access Web and business applications while protecting network resources from unauthorized access. For example, a higher level of secure access should be required when CxOs access the corporate network from mobile devices and various types of QoS (Quality of Service). Traffic redirection/prioritization policies by user privilege, device type, etc. can be enforced by Layer 7 optimization. Also, by using an Application Access Management feature, ADCs can centrally manage various authentication servers and act as a single authentication point for these applications. This not only enables seamless access to mobile users, but also enhances security and increases server efficiency by offloading authentication processing from authentication servers.
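
The per-user port limit described above can be illustrated with a small simulation of a shared connection pool. This is an added example, not code from the article or from any vendor product; the pool size, quota, workload and device names are assumptions.

```python
# Added illustration: a shared pool of connection slots (for example TCP ports
# on a gateway) with an optional per-user quota. All names and numbers here
# are assumptions made for the example.
from collections import Counter


class PortPool:
    def __init__(self, total_ports, per_user_quota=None):
        self.total_ports = total_ports
        self.per_user_quota = per_user_quota  # None = no per-user limit
        self.in_use = Counter()               # user -> ports currently held
        self.denied = Counter()               # user -> refused requests

    def open(self, user):
        """Try to allocate one port for `user`; return True on success."""
        pool_full = sum(self.in_use.values()) >= self.total_ports
        over_quota = (self.per_user_quota is not None
                      and self.in_use[user] >= self.per_user_quota)
        if pool_full or over_quota:
            self.denied[user] += 1
            return False
        self.in_use[user] += 1
        return True

    def close(self, user):
        """Release one port held by `user`, if any."""
        if self.in_use[user] > 0:
            self.in_use[user] -= 1


def simulate(per_user_quota):
    """Constructed workload: one chatty phone opens connections first and
    holds them; a laptop running a business app then needs 20 connections."""
    pool = PortPool(total_ports=1000, per_user_quota=per_user_quota)
    for _ in range(1500):  # phone: always-on apps, many connection setups
        pool.open("phone-01")
    laptop_ok = sum(pool.open("laptop-07") for _ in range(20))
    return {"phone_ports": pool.in_use["phone-01"],
            "phone_denied": pool.denied["phone-01"],
            "laptop_ports": laptop_ok}


if __name__ == "__main__":
    print("no quota :", simulate(None))
    print("quota 200:", simulate(200))
```

Without a quota the single phone exhausts the pool and the laptop gets nothing; with the quota the phone is capped and the laptop's 20 connections succeed. The per-device denial counter is also a useful signal for spotting which clients are over-consuming.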

“A quick logical/physical segregation of user LAN and server LAN would help enable BYOD.”
– Shibu Paul, Country Manager – IN, ME and ASEAN, Array Networks

Impact of BYOD on the network infrastructure, bandwidth, access, etc.
A few years ago, IT was in the driver’s seat – issuing managed desktop PCs, laptops and mobile phones. With full control, IT could deploy software and enact policy as needed to ensure security and maintain compliance. Today, the trend of ‘Consumerization of IT’ or ‘Bring Your Own Device (BYOD)’ is here to stay. At the top, executives are demanding tablet access to business applications. Among the rank and file, employees are bringing personal devices to work irrespective of IT policy. Within the enterprise, mobile access and BYOD pose two key challenges. The first is security because every mobile device connected to the corporate network is a threat, and every personal tablet and smartphone introduces the potential for data leakage. The second is lack of native enterprise apps. While this will change over time, there exists a significant gap between the volume of applications used in the enterprise and those that are available as native mobile apps.

Re-orienting your network infrastructure to support BYOD
A quick logical/physical segregation of user LAN and server LAN would help. Users would be able to access any kind of data from the user LAN as per the company policy, like email, chat, browsing, etc., which are potential sources of leakage of corporate data. All corporate data will be accessed only from the server LAN, where the Internet, email and potential leakages are stopped. The users wouldn’t be able to copy-paste or clipboard any data from the server LAN to the user LAN. When they access the corporate data from the server LAN, it would be a DLP framework where the user wouldn’t be able to pull out any data from the server LAN, and hence would be able to have a mix of both without compromising data in any way, and also allow developers and users to be productive and not worry about data leakages. This would also significantly reduce the administrative overhead of constantly scanning for vulnerabilities, auditing and spending time writing a lot of security policies. With this kind of framework, it would even address the BCP requirement of any company, where it gives access to the company desktops without compromising the data, which would help users work from anywhere and anytime using any device to securely access the corporate applications in case of natural disasters, strikes, etc.

The minimum required bandwidth would be 32 kb per user as it would be a KVM to the server LAN and there wouldn’t be any data transfer except keystrokes. The access would be on an SSL 2048-bit connection with 256-bit encryption. The increased risk of data leakage to BYOD is more. There is a huge accumulation of corporate data and each user may leak the same.

This framework also addresses the work-from-home solutions where users would be able to use their home PCs, tablets and smartphones to securely connect to their office desktops and start working like they are in the office, using the same authentication and security policies of the company.


“For successful BYOD implementation, it is important that users are not restricted from using their personal device for personal usage on the corporate network.”
– Vijender Yadav, Director and CTO, Propalms

Impact of BYOD on enterprise applications
One of the most talked-about concepts after mobility over the last couple of years in global IT markets has been BYOD (Bring Your Own Device). The term itself was introduced in India in 2011. As the concept was derived from objectives like reducing the cost of IT and the use of mobility for business enhancement, acceptance for BYOD in the Indian market was very high in the initial phase as compared to global markets. There are many CXOs who took BYOD initiatives in their organizations. A few of them were able to roll it out successfully, whereas in many environments the roll-outs were not so successful. Enabling BYOD may sound as simple as extending your organization’s resources to employees’ devices, but it requires attention and changes in multiple areas in a given IT setup.

Right from connectivity, setting up device standards for BYOD, device enrollment or authorization, application availability and compatibility with varied end user devices, device-based granular resource access control, security of the enterprise network from threats like viruses, trojans, malware, etc., controlling business data over user devices, security of corporate intellectual property or assets while extending access to unmanaged devices, and a few other aspects.

Today there are many different technologies like MDM (Mobile Device Management), MAM (Mobile Application Management), DLP (Data Leak Prevention), mobile security software, etc. that are available to address these concerns. However, there is no unified solution available as on date.

Key network design considerations to provide access to enterprise apps over user devices
For successful implementation of BYOD, it is important that the organization should not restrict users from using their personal device for personal usage. The moment an employee feels that he is not able to do his personal tasks on his device, he becomes reluctant to use his device for business purpose and as a result, the roll out of the entire project fails. Therefore, it is very critical for CXOs to maintain a balance between security, compliance and user acceptance in order to make any BYOD project successful.

Also, investing huge amounts in making applications device compatible is a challenge which reduces the business viability of BYOD projects in many cases. One simplified and effective approach that a few CXOs have been taking in the recent past is that, rather than investing huge amounts in application compatibility and device management, they used age-old technologies like application/desktop delivery, VPN and NAC to extend resources over employee devices. Using these mechanisms they were able to extend business resources over various devices, with a minimal add-on cost and inherent data security and compliance features. This approach turned out to be a more cautious and successful approach as user acceptance was high and Cost of Ownership was very low. At the same time, as data is at the server end, data security gets achieved at minimal add-on cost.
