Mobility and BYOD5 Aug, 2014 By: Eric Stavola, MSCIS,MCSE,MCSA,N+,CDIA+
Today, according to a recent study done by Cisco, there are almost as many mobile devices (7 billion) as there are humans on the planet, and by the end of last year, the number of mobile-connected devices will have exceed the number of people on earth.
Some other facts from recent studies and research find:
- By 2017 there will be nearly 1.4 mobile devices per person.
- Monthly data usage doubled to 1.38 gigabytes.
Directors and IT leaders have always been conflicted with the battle over “Functionality V.S. Security” and with the recent findings it’s no wonder they had to implement current Bring Your Own Device (BYOD) planning and initiatives. Thus, A large number of companies today have the need to support Bring Your Own Device (BYOD) initiatives to allow end-users to use personally owned mobile devices for business use.
BYOD programs are typically implemented to meet the demand for employee satisfaction and productivity, but employee adoption and success depends on clear understanding of the separations between organizational data and personal information on the device.
Security has and always will be a key concern when dealing with IT/MIS personnel. In the copier and printer realm, we used to perceive the topic of security as simply limiting copies or prints via account codes. However, with industry hardware improvements in equipment, the addition of hard drives, applications, cloud connections, and now encompassing the BYOD concept of most companies, it’s easy to see why Security is a hot talking point in today’s market.
In efforts to help develop a talk track, I felt compelled to highlight a few key points when addressing “Mr. IT”. Though most might assume what it is, let’s be sure we’re all on the same page.
What is Information Security?
The term information security describes the task of guarding digital information, which is typically generated by a computer or copier and stored on a hard drive, cloud, network, mobile device, other storage media. When our information is seen as "secure," it ensures the user, or in some cases your client, that protective measures have been properly implemented.
How do I secure the data on my copier (HDD)?
When talking about data on a copier or printer (HDD) it helps to understand that there are two types of data:
Most end users know about their active data, however, the temporary or transitional data needs to be addressed and will be of concern to Mr. IT. Most manufacturers today have some type of data security kit to address this issue. Most security kits will overwrite the data anywhere from one to a number of times. In order to meet ISO 15408 certification, data needs to be overwritten 3X times.
What are other talking points to maintain security but still allow the functionality of BYOD?
True security will come in the form of layers. There really is no one way to make a anything 100 percent secure, however, if we utilize all the features we have available we can address the majority of Mr. IT’s concerns. An easy way to do this is by remembering the Three A’s: Access, Authentication, and Accounting.
ACCESS: This is a predetermined level of access to resources of information.
Access Control – Ensure that only legitimate users/traffic are allowed on the network or on network devices. BYOD this makes a task extremely challenging for IT personnel.
Physical Security – Against theft, loss, manipulation, availability, and confidentiality.
BYOD Helpful Access Questions:
- What Mobile Devices will IT support ?
- What Operating Systems Will IT support ?
- What applications are prohibited on Mobile Devices ?
BYOD Access Talking /Pain Points:
- Mobile access and functionality of printing needs and Data
- Google APPS & Office 365 – Manny companies and Educational facilities have made the leap to one of these cloud based platforms. By associating your HW or Service offering with access and use from and to these platforms will be of key interest to MR. IT
AUTHENTICATION: The positive identification of a device or individual seeking access to secured information, services, or resources on the network.
BYOD Helpful Authentication Questions:
- What Mobile Devices are safe enough to be granted Network access?
- Do they have to have Network Access?
- What are your Group policies as to BYOD?
BYOD Authentication Talking /Pain Points:
- What are your Group policies when it comes to BYOD?
- Do you require the need for Password reinforcement with BYOD?
- Set or Strengthen your passwords: In my experience only about 20% of users change or set the default passwords to their copier , printer web interface , or hardware Mobil access
ACCOUNTING : This is simply the logging of use of each resource on the network.
Accounting Talking Points:
Limited Access: Oversight for critical devices including MFPs, printers, and scan stations.
Tracking: Most copiers/Printers have free features that allow Mr. IT to track usage.
Take advantage of the free utilities: Most manufacturers provide an abundance of free utilities to address accounting; use them.
BYOD Helpful Authentication Questions:
- What is your WIFI access policy on Mobile Devices
- Do you allow full Domain Access? – Mobile Devices need to be joined to the Domain for Ease of use, Network Sharing, and Authentication
- What Monitoring Software do you utilize for support and application control from Mobile Devices
Almost every company you walk into today will have some type of network security policy already in place. But a great way to address any security concern is to then show all the features that your product and services have to integrate, as well as address their currently set policies – for the better.
Our MFP’s and copiers have all the makeup of a computer. We simply need to tell the security story to our clients and explain all the feature rich benefits and utilities to allow for feeling “secure” - and that your product will fit into their network environment. What you will provide is layers from a hardware, software, and services standpoint that will not only address their questions but, when explained correctly, will enhance your overall sales process.
Eric Stavola, M.ED, MS.CIS, MCSE,MCSA, CDIA+, N+, is Chief Operating Officer, WITT-COMPANY, based in southern California. (619) 379-3009 (cell) or email: firstname.lastname@example.org