What underpins the Bring Your Own Device (BYOD) movement has been, at heart, a desire by individual staff members within businesses to use the devices they use at home – smartphones and tablets – at their place of work. They have wanted to use their own devices because they had them, and their employers have been insisting they use `old technology’ PCs and desktop systems.
There are now signs that a growing number of employers have realised that one of the chief weakpoints in the BYOD argument – the guaranteed provision of sufficient security on new devices that the business does not own – can be neatly circumnavigated by the business itself providing the devices. And that is what is starting to happen.
Which is ironic, because it coincides with a growing number of vendors – either singly or in partnerships – starting to produce new security services and capabilities for BYOD-oriented infrastructures.
Among the latest partnerships in this area is the recently announced one between ForeScout Technologies and SAP. ForeScout has introduced interoperability between its CounterACT network security system and SAP’s Afaria mobile device management (MDM) platforms. The combination is intended to enable companies to accelerate and strengthen the provisioning, administration and security of corporate and personal mobile devices, applications and data in the enterprise.
The partnership aims to provide users with the means to see and detect all unmanaged, corporate and personal mobile devices, such as iPads, iPhones and Androids and other devices attempting to connect to the corporate network via Wi-Fi or over-the-air. It can then apply security policies based on user, role and device in order to automatically limit user access, or manage visitors as guests, or enrol them in SAP Afaria MDM.
It can trigger SAP Afaria to run profile checks on managed devices upon network resource requests to detect jail-broken, rooted and non-compliant handhelds and to restrict access until the device adheres to policy. It can also run a range of user, device, application and data policies though network-enforced controls, such as password strength, configuration, application use, encryption and data protection.
The partnership provides powerful compliance rules engines, at the device and network level, that support on-demand and automated responses such as reconfigure, remote wipe and network reassignment. In addition, it provides unified visibility and reporting for all mobile endpoint devices including PCs, smartphones, tablets and laptops through the ForeScout CounterACT platform.