Everybody likes "free." But that likeability takes a hard hit when "free" is combined with "network security", particularly when BYOD (Bring Your Own Device) issues are involved.
In the past, network managers had the luxury of dictating what security software was used across the enterprise, with expansive management suites enforcing the use of anti-malware technologies across both servers and workstations. Fast forward to the present day and network administrators have usurped most of their control over endpoints, simply because enterprises own fewer endpoints and are embracing BYOD ideologies to lower costs.
Therein lies the rub – enterprises are looking to save money by giving up on the management of endpoints and shifting that burden over to the end user, eliminating corporate oversight over PCs, laptops, tablets and other devices. After all, how can any company expect to take control of a user's personal property, especially if they use personal devices to access corporate resources?
What it means to IT managers
That has created a major conundrum for today's security conscious IT manager – one where access to resources displaces the requirements of security. There are some solutions on the market that offer ways to "enforce" security policies on any device that attaches to a network resource. However, those solutions are usually considered intrusive and expensive for most organizations – it all comes down to balancing access against productivity against security – a three-way contest, where policy enforcement often becomes the victim.
However, there is a way to incorporate some semblance of security into devices that are not owned and operated by corporate IT. It all comes down to enforcing a policy, where there is no additional cost to the end user. Simply put, BYOD initiatives will fail miserably if corporate IT takes control of the device or requires that end users purchase software. What's more, those paying the bills will often balk at the idea of buying software for users' personal devices.
Preventing the spread of malware
Success is usually bordered by compromise and with security concerns on the rise, that compromise comes in the form of enforcing the requirement that users must have some form of anti-malware on their BYOD elements. The trick is to allow the use of free anti-malware technologies.
While that ideology may be far from perfect, it can prevent the spread of malware and does offer some form of control for administrators looking to protect network resources. Paired with policy enforcement systems that vet attaching users to make sure an approved antimalware product is installed on the endpoint will help to protect both endpoints and networks alike.
Countless MDM (Mobile Device Management) systems are available, most of which offer a way to check what security products are installed on an endpoint, allowing administrators to define rules for access to corporate resources.
Combining those MDM services with the free antivirus
offerings from the likes of AVG, Avast!, Bitdefender, Avira, Panda and others
may be all that is needed to gain some semblance of protection and prevent BYOD
from becoming Bring Your Own Disease instead of Bring Your Own Device.
Use Tech Pro Research's downloadable BYOD policy as a template to create a policy for your organization. Tech Pro Research is the premium content sister site to TechRepublic.
Frank J. Ohlhorst is an award-winning technology journalist, author, professional speaker and IT business consultant. He has worked in editorial at CRN, eWeek and Channel Insider, and is the author of Big Data Analytics. His certifications include MCNE, MCSE, A+, N+, L+, and Security+.