Applying NAC to mobile

Share this article:
Applying NAC to mobile
Applying NAC to mobile

The past year has seen a substantial increase in the number of solution providers for mobility. Most of them fall under two broad categories: MDM (mobile device management) and MAM (mobile application management). While there are different solution models between these two core platforms, MDM, at a general level, focuses on the device management lifecycle. This includes device registration – access to standard collaboration applications, such as email, calendar and messenger – access termination, or registration revocation. MAM, on the other hand, is driven by the mobile apps market, and provides a controlled platform to push custom-built applications or applications from the public marketplaces. 

By now, every well-established procurement and support group has the process down for getting a new laptop or PC model into the network with its asset lifecycle management. But, what is the asset lifecycle management for mobile devices? Should they be vastly different? Not necessarily, but the additional differentiator here are the nonstandard devices. It becomes impossible to create an asset life cycle for every personal device out there. So, is there a practical way to open selective doors of the corporate network for bring-your-own-device (BYOD), while providing reasonable security controls and meeting regulatory requirements? 

Network access control (NAC) has been around for a while, primarily morphing to maturity in universities and academic institutions. But, within the past two years, NAC providers have seen substantial growth both in solution development and adoption. At a broad level, NAC, or device access control, vets the device that is connecting to the network against a set of published policies, rejects or remediates devices, and authorizes a device to a specific network based on its characteristics and organization policy. This approach can be adapted to mobile devices, as well, with reasonable efforts. 

A more substantial enterprise mobility framework can be conceived with a combination of NAC, MDM and MAM based on organizational requirements. For instance, to visualize a solution model for email, calendar and Wi-Fi access for BYOD, a multiplatform MDM solution can be used for registration that will also subscribe the device to receive email messages, access calendar and, in some cases, allow corporate instant messaging. 

As the organization evolves and resolves applicable privacy, usage policy and apps support concerns, NAC controls can be optimized for greater access while still delivering effective security controls.

»Quick Tips

One size doesn't fit all:

Don't get caught in the whirlwind of BYOD, says Viswanathan. Evaluate the options, possibly with the help of a third party, to understand the true benefit of adopting BYOD. 

Plan and communicate:

Develop a clear roadmap on how you see mobility playing out within your organization, says Viswanathan. Socialize and get consensus with the right leadership team. 

Keep it simple:

Start small with a pilot program by identifying an MDM solution and launching BYOD for one flavor of popular mobile devices. Optimize as you go and expand the rollout over a period of time.

Managing devices:

With a split wireless network, policies defined in NAC will “interrogate” the BYOD unit and can reject, e.g., jail-broken devices, or allow devices to connect to a  BYOD network.

Share this article:
close

Next Article in Opinions

Sign up to our newsletters

More in Opinions

Unfair competition: Proactive preemption can save you from litigation

Unfair competition: Proactive preemption can save you ...

With each job change, the risk that the new hire will bring confidential information or trade secrets with him or her to the new company grows.

Hackers only need to get it right once, we need to get it right every time

Hackers only need to get it right once, ...

Hackers only need to find one weak point to steal valuable information. On the flip side, security pros need to account for every possible scenario.

Successful strategies for continuous response

Successful strategies for continuous response

While it isn't realistic for organizations to expect that it will never happen to them, a rapid, professional and continuous response can limit their scope and reputational impact.