Trade Resources Market View It's Not Possible for an Organisation to Be Aware of and Secure Every Mobile Device

It's Not Possible for an Organisation to Be Aware of and Secure Every Mobile Device

It's not possible for an organisation to be aware of and secure every mobile device on the network, not matter how much the IT department tries, because staff will always connect their own smartphones and tablets to the office wireless connection.

That's according to WWF head of IT Dave Southern, who has recently overseen the development of a new wireless and cloud-based IT infrastructure as part of the animal welfare charity's move to its new headquarters, the Living Planet Centre in Woking, Surrey.

Further reading Bring your own lawyer: the legal perils of BYOD The secret to BYOD? Make users your security staff, advises Intel The future of cybersecurity and BYOD at Network Rail

"We have three wireless networks. Everyone is connected wirelessly with no cables running to desks to reinforce the philosophy of hot-desking. We also have a visitor network and a BYOD network. What we've said to people is they can bring their own devices and connect to our BYOD network rather than our staff wireless network," he told Computing.

The separate BYOD network was born out of not being able to identify every single device staff bring; this way the arrangement at least keeps their smartphones and tablets away from the main WWF network.

"In my view we'll never be able to secure every single device we don't know about that connects to our network," said Southern, who explained that a large part of WWF's security policy revolves around ensuring employees are aware about potential threats and how to protect against them.

"We've made staff very aware of their responsibilities regarding security," he said. "We've made sure that the policies and awareness have been communicated effectively, so rather than technically trying to control end-point devices our approach has been to empower the staff to be more responsible for security."

Southern argued that there's a "cultural awareness" surrounding BYOD that IT departments need to be sure all employees of an organisation are aware of.

"I'm not of the view - like some heads of IT - that they can secure every single device whether you own it or not. I definitely think there's a cultural awareness with BYOD," he said.

Even though it is a charity, WWF has been targeted by cyber criminals and hackers and certailny cannot afford to be complacent about its cyber security strategy.

"We do get people who would like to deflect our donations to places where they're not intended to go," said Southern.

"We've employed firewall policies; we've got Cisco's Borderless Network deployed; we're regularly audited for network security; and we have regular penetration tests by an independent third party," he said, adding that outside security experts can be brought in if necessary.

"We're vigilant, and we've ensured that any expertise that we need to supplement our own skills in-house is available to us as well," said Southern.

"So we're definitely vigilant, because there are people out there who want to attack us. WWF is a very public-facing organisation and we have to be very careful and our reputation is very strictly managed as is our brand. We have to be as secure as we can," he added.

Source: http://www.computing.co.uk/ctg/news/2305399/byod-is-fine-but-only-on-a-dedicated-network-says-wwf-cio#comment_form
Contribute Copyright Policy
Byod Is Fine - But Only on a Dedicated Network