Secure enterprise networks in the age of BYOD and the IoT
Rob Greer, ForeScout Technologies
When something is invisible, exercise caution and do all you can to reveal it and render it harmless. That’s the lesson the human race has learned from infectious micro-organisms—in many cases, the hard way. In enterprises today, writes Rob Greer, the chief marketing officer and senior vice president of products at ForeScout Technologies, where devices are constantly gaining access to networks sight unseen, fear of the invisible is certainly justifiable. But the good news is, IT administrators can put those fears to rest with currently available network access technologies that can largely “disinfect” the environment by making the invisible visible.
With the BYOD (bring your own device) phenomenon, IT administrators are facing a huge challenge that begs the question: How do you securely manage the onslaught of virtually invisible devices that are connecting to your corporate network?
And, speaking of visibility challenges, Microsoft is inadvertently piling on challenges with its free Windows 10 upgrade. Of course the company can’t be blamed for the increasing complexity of managing employee devices with disparate software versions. After all, it’s pretty great to get a new operating system for free, and users will be upgrading their personal devices to Windows 10 on a massive scale. The problem is, those newly upgraded devices won’t have agents on board, and in traditional endpoint security management, agents are what make devices detectable. So, IT administrators will need a non-traditional way to identify, evaluate and secure all the new Windows 10 endpoints connecting to their networks – and they’ll need it fast.
Windows 10 is expected to run on more than 350 million machines within its first year, and while “free” has accelerated its adoption, what truly sets this release apart from others is that Microsoft plans to expand Windows 10 to an unlimited number of devices via the Internet of Things (IoT). So, like the BYOD phenomenon, IoT is about to dump multitudes of invisible endpoints onto enterprise networks. Again, how to secure these connected devices is a critical issue.
Whether the challenge is BYOD, IoT or large-scale Windows 10 adoption, the solution is agentless visibility. Security through agentless visibility empowers IT to be able to see how many endpoints are accessing the enterprise network, and be proactive about only allowing compliant devices to access valuable applications and data.
One of the benefits to users of Windows 10 is that it enables a seamless experience across various device types. While BYOD is convenient for employees, it can wreak havoc for IT organisations. But BYOD is here to stay, and steps must be taken to safely embrace it. To provide a secure network, enterprises must consider:
- Compliance and information-sharing: Organisations must make sure that Windows 10 endpoints are compliant with their security policies and can share real-time context about Windows 10 devices with their existing SIEM (Security Information and Event Management), NGFW (Next Generation Firewall), EPP (Endpoint Protection) and patch management systems.
- Visibility at scale: It isn’t scalable or reasonable to expect IT to handle threats on both managed and unmanaged (agentless) devices as cybercriminal sophistication increases. Simply throwing people at the problem isn’t fiscally responsible, nor can it guarantee full visibility into all devices.
- Network segmentation and secure access: Network access must be enforced based on user, device and security posture so organisations can implement best-practice network segmentation for guests, contractors, business partners and employees—and yes, even IoT devices. This allows organisations to onboard Windows 10 devices brought by guests, employees, and vendors securely, and provide them access to only the network resources they require to remain productive. If you are somehow able to get your arms around your employee’s personal and company-issued devices, you’d be remiss to ignore the potential threat of visiting vendors, interviewees and delivery personnel.
Enterprise networks have become more complex as more devices demand access to them. Computing environments today include an accumulation of security products added over time, layered on top of each other vertically and laterally. Add the challenge of IoT, BYOD and free upgrades—such as the Windows 10 release—and the result is a complicated infrastructure where full protection from cyberattacks is a daunting task.
It might seem like a stopgap measure would be to block employees from upgrading to Windows 10, but that just isn’t realistic. Upgrades of this nature have become the norm, and it’s better to embrace, rather than fight, the growing trend. The last two years show that no matter how robust the external defences, a determined and persistent adversary can find a way to infiltrate a corporate network.
This is why security has never been more challenging or more important. Best practices for handling BYOD, IoT and the threats generated by them include robust network access management and agentless visibility. Removing security silos and practicing information sharing will go a long way towards thwarting cybercriminals, while enabling employees to keep their devices current.
With today’s network access control (NAC) technologies, it’s possible to make existing infrastructure and security tools (enterprise mobility management, advanced threat defence, enterprise mobility management products and others) work together as one truly integrated system—sharing contextual security insights, automating workflows and accelerating system-wide response without human intervention. The upshot is that you can achieve major operational efficiencies and provide superior security even in the face of massive trends that are seemingly working against you.
Agentless visibility combined with innovations that are vastly improving control of devices and orchestration of security tools—these are real breakthroughs. They enable IT security teams to be vigilant about all new types of devices showing up on the network, bolstering network security well into the future.