The advantages and security risks of Bring Your Own Network, or BYON, don’t just apply to the personally-owned devices of workers, but potentially corporate-owned ones, too. Not everyone agrees, though.
The difference between newfangled buzzword and accepted industry term is totally subjective. Maybe this isn’t the best example, but I once wrote a story where I mentioned VCs in passing. The copy editor asked me why I was writing about the Viet Cong.
Bring Your Own Network, or BYON, looks set to become as (in)famous as BYOD, at least judging by the amount of (negative) attention it received in its first month.
BYON describes how the number and variety of networks and cloud services accessed by mobile workers, often at the same time, is exploding, just as the number and variety of mobile devices carried by employees exploded as the result of BYOD.
“[BYON] allows people to run applications in three different cloud-based environments at one time because they’re on their own network, they’re on a network that they contracted with and they’re on the corporate network,” an intellectual property lawyer, Jim Kunick, told Computerworld.
For instance, a worker could be downloading confidential corporate data from a public cloud hosting site like DropBox on his tablet while logging into their corporate network and sharing a public Wi-Fi hotspot with his co-workers.
All of this, especially the popularity of public cloud storage sites like DropBox and Box.net, puts corporate data and apps that once resided safely behind the corporate firewall at new risk to malware or hackers.
“The network thing blows this up completely, because it takes the data out of the network the company protects,” he said. “There’s no way to ensure the security of that data. People are running corporate apps and processing corporate and client data using networks that may or may not be secure.”
Also read this piece about BYON in Network Computing.
Bring Your Own…Neurosis?
But is BYON as bad as it’s made out to be?
Chris Witeck, senior director of product marketing at remote access provider iPass, says there are many steps you can take to make sure devices aren’t vulnerable.
“You can protect them by making sure you don’t allow any unauthorized access,” he said. “Then, the chance of getting access to data becomes slim to none.”
(Interestingly, iPass has been trying to define BYON to describe when remote or traveling workers “bring” wireless Internet access with them through a global Wi-Fi network such as iPass and its 150,000 hotspots, rather than rely on free Wi-Fi hotspots or potentially-flaky cellular coverage. See their white paper here.)
Policies as described by Witeck can be created using mobile device management (MDM) software, says Amit Pandey, CEO of mobile device security vendor, Zenprise.
“If you manage data access properly and have the right protections in place for your sensitive data, you can mitigate that risk,” he said.
Others, like John Thielens, chief security officer for Axway, a provider of secure communications software, point to new alternatives to combatting the risks of BYON, “whether it be new approaches to firewalls and network security, new approaches to identity management, desktop virtualization, content classification or big data analytics for security or SLAs.”
He says that the bigger risk with BYON is that as with BYOD, IT departments become afraid and attempt to reject it.
“The risk in asking whether the trend toward more departmental or decentralized IT consumption causes security risks is that IT steps in and says ‘no’ in the name of security,” he said. “Security, and other forms of corporate policy, are part of what distinguishes enterprise IT from consumer IT – but the need for IT to innovate is greater than ever in the face of BYON, BYOD, etc.”