The $64,000 BYOD security question

Should we tackle Bring Your Own Device (BYOD) challenges at the front end with users themselves, or at the application and service level closer to the network layer infrastructure that our end points connect to?

This is, arguably, the $64,000 BYOD question.

The answer (as it always is with things of this nature) is both i.e. moderation and balance in all things from your salt intake to your firm’s BYOD policy.

Security firms spend countless pennies on blogging and social media driven initiatives explaining that this is a front end user education driven imperative and that (with security layers in place of course) we can “guide” users towards safer behaviour patters.

Meanwhile firms like F5 Networks are aiming to provide the foundational element to this equation with products that provide mobile application management capabilities to support enterprise BYOD initiatives.

The firm’s release of F5 Mobile App Manager this week is positioned as hybrid cloud solution that allows IT managers to “extend” corporate applications and data to employees’ personal mobile devices — while leaving all the personal content under the control of the device owner.

This product combines policy management and secure application delivery technology and F5 is being bold and brash about its potential effectiveness

It is “fundamentally different” from BYOD 1.0 Mobile Device Management (MDM) solutions, says the firm.

But how can this be so?

F5 asserts that this new release securely connects “only corporate applications” to the enterprise network – plus it manages “only the enterprise content” and applications on a device rather than the entire device itself.

Employees are argued to prefer this approach because it isolates their personal data from corporate oversight yet gives them the convenience of using their own mobile devices for both work and personal use.

“For IT organisations, F5 Mobile App Manager relieves the burden and responsibility of managing employee-owned devices while still enabling them to control device access to their network, track inventory, monitor threats and vulnerabilities, and protect corporate information,” said Mark Vondemkamp, VP of security product management at F5.

“As a hybrid cloud offering, F5 Mobile App Manager opens up new opportunities for enterprises that have not yet embraced BYOD, enabling them to do so without incurring the expense of deploying and managing yet another solution in their own datacentres,” he added.

A combined and balanced approach with a segmentation of corporate versus personal content control then – too good to be true and tough to implement or a godsend?

… we shall see.

F5 security.png