It’s hardly a secret that BYOD (bring your own device) is the dominant trend among employees, in small and large businesses alike. Gartner predicts that by 2015, there will be nearly 300 million tablets and two billion smartphones used by workers. IT teams have discovered that it is impossible to buck this trend and they are learning to embrace and manage it. The employees’ main motivation to use their own devices is both the comfort level with their personal devices and anytime, anywhere access to information from their organization’s databases and servers. Among the remote access technologies that are contributing significantly to solve these issues is virtual private network (VPN) technology.
The benefits of BYOD are well documented. Employees enjoy increased mobility, ability work on a preferred device, and have anytime/anywhere access to information and applications. However, the downsides have also been well publicized . A recent survey conducted by Osterman Research found that during a typical month, 4.3 percent of network endpoints become infected with viruses or malware, which translates to 52.1 percent of endpoints over the course of a year. The average time to remediate a single endpoint is 72 minutes and 5.2 percent of IT staff time during a typical week is spent on email security management alone, the study found.
Why is it that employees’ own devices present such a big risk for the company IT? IT teams are unable to centrally manage them, as they don’t belong to the company. For this reason, IT is unable to implement pre-existing security policies; especially those that foresee an administrator personally managing the devices, loading it with security software, etc. New security policies, which take into account that the employee doesn’t particularly want to have his own device remotely controlled by an administrator, are available but have to be implemented. Innovative remote access solutions already resolve a large part of the problem on the technical level, so that the user need not be too strongly restricted.
For small and medium businesses, and enterprises alike, where employees must connect to a local network, VPN is the critical technology. Tunneling into local area networks (LANs) across a VPN enables users to access files and/or control the applications on in-office equipment that are required to complete daily projects regardless of device or location. Only an Internet connection is required.
Allowing BYOD introduces vulnerabilities at many layers within the network, and as a result, there are many ways IT teams must address these risks. The first step is to reduce the risk of a device becoming infected and transmitting the malware into the company network. Some organizations require that a user’s device have specific antivirus and management software installed before it is allowed to connect to a network. Enforcement is sometimes difficult when the device belongs to the employee. Modern remote access solutions protect the company network effectively, without having to intervene on the employee’s device. They can, for example, check files for viruses, and if necessary, remove them while these files are being downloaded.
Another part of this initial step is ensuring that personal devices can only connect to a network via a VPN versus a direct connection, even when the user is on site. IT teams can also prevent a user from opening a second, parallel Internet connection as long as the user is connected with the company network. This effectively prevents malware from using this way to enter the company network.
The secure tunnel of a VPN is a must since it prevents cyber thieves from gaining access to any information as it travels between locations. Employees working from personal devices may be tempted to email documents, but the security of this email can never be guaranteed. Emailing documents also requires employees to store content on their personal devices, exposing that material to theft. VPNs can allow the employee to access, work on and store their content on the local network without any data ever being stored on the used end device.