Players change, But the BYO-X game remains the same

www.cyberoam.com

White Paper

IT ecosystems evolve to accommodate personal 'X' into workplaces,

and not just personal 'devices'.

DID YOU KNOW?70% of mobile professinals will conduct their work on personal smart devices by 2018.“

www.cyberoam.com | sales@cyberoam.com

BYOX – Bring Your Own X (Anything)Global enterprises today have evolved to embrace Flexibility and Productivity as success mantra.

BYOX model is synonymous with ''power to workforce''. Besides, the enterprises see the model as a

great tool to harness intelligence of personal smart devices. BYOX support, equips the users to work

with the X of their choice, where X can be a Device, Software, Application, Service or Toolkit. As a

result, personal work tools have proliferated very rapidly into the work cultures of all enterprises by and

large. Several aspects of the BYOX model must be considered carefully before the integration. It is

imperative to find the correct balance of user mobility solutions and business needs of the

organisation.

With the BYOX drive, consumer IT products floods all enterprises today. Employee driven IT purchases

such as smartphones, tablets or enterprise apps, extend the BYOD model. CEOs believe that IT

consummerization is not just cost-effective, but a great way to utilize the capability of smart devices

and powerful enterprise applications. With proper Mobile Device Management and Mobile Application

Management in place, enterprises can save on both cost and time.

[According to Gartner, by 2015, 35 percent of enterprise IT expenditures for most organizations will be

managed outside the IT department's budget.]

Consummerization of IT

A study confirms that 35% of employees feel

they need to work around a security measure

or protocol to be able to do their work

efficiently. It's an unapproved file-sharing

software, it's an anonymous proxy, its Shadow

IT. Shadow IT is not a new concern to IT

security, but its growth definitely is. With the

increased use of mobile devices for SaaS and

other applications, unaccounted access

through these devices poses a great threat to

enterprise security. Security-enablers usually

have a tough time curbing access of personal

devices brought into the workplace. The

challenge lies in segregating and securing

internet traffic generated by mobile devices,

where blocking traffic selectively is a difficult

and never-ending task. As Shadow-IT is here to

stay, the IT strategy must be resilient to user's

business needs and tasks they expect to do

with their personal devices.

Workplace Reality - Shadow IT

Identify the X

A good BYOX model must enable proper

visibility and identification of the mobile device

or X. The security solution must be capable of

identifying the devices based on owner, device,

application and/or access rights.

Demarcate Personal and Corporate

Applications or data which are accessed by

both personal and corporate devices must

have a demarcation point. A mechanism to

segregate the traffic through the personal

devices and corporate devices provides a base

of planning access control policy.

Draft Hybrid Policies

''One blanket policy does NOT do it all''. IT

policy for BYOX must ascertain that the

employees have convenient access to

resources without any security loopholes. A

convoluted policy with multiple One Time

Passwords (OTPs) doesn't only add to

employee dissatisfaction but also hampers

productivity. Hybrid policies must be created

keeping two things in mind: Business Need

and User's Role.

Manage Applications

Mobile Device Management (MDM) shifts to

Mobile Application Management (MAM).

Device-specific policies (MDM) are not very

user-friendly, because the restrictions apply on

Enterprise and Personal Applications alike.

Instead, MAM must be implemented to secure

the enterprise apps without bugging the

personal applications.

Data Loss Prevention and Antimalware

Protection

Powerful network security solution coupled

with end-point security checks data loss or

corruption. Security at the network Gateway is

of critical importance to maintain data integrity

while protecting against malwares.

Consistent Re-valuation of Policies

BYOX IT policies require continuous revision

given the fast-paced nature of mobile

technology. Consistent re-evaluation ensures

effective policy management and enables user-

friendly design.

Strategizing BYOX model

www.cyberoam.com | sales@cyberoam.com

With cloud-enabled computing and the presence of personal mobile devices, corporate networks are

exposed to attacks leading to Data Breach or Data Theft.

[A 2014 report by the Poneman Institute and IBM suggests, “The average total cost of a data breach

for the companies participating in this research increased 15 percent to $3.5 million. The average cost

paid for each lost or stolen record containing sensitive and confidential information increased more

than 9 percent from $136 in 2013 to $145.”]

Network Security was a significant concern even with legacy IT/devices, but with BYOX IT, threat has

increased manifolds. In order to enable Business Continuity, organizations allow the users to access

corporate resources using their personal devices. In this way, the responsibility of the critical data of

the organisation rests in the hands of the employees. Intentional or otherwise, loss of data through

employee's personal devices is the fact of the matter which needs to be addressed.

Corporate Data and Network Security

www.cyberoam.com | sales@cyberoam.com

Enforce Security with Identity-Based Management using Cyberoam

Layer 8 Identity-based firewall solution, Cyberoam, provides absolute network security to enterprises.

Cyberoam supports and empowers BYOX implementation and security through its intelligent identity

based security. Cyberoam provide real-time logs and monitoring utility which enables the administrator

to have complete visibility of devices, data and user on the network.

B

Application Filtering

Cyberoam application filter technology recognizes mobile apps across different

platforms. Application visibility helps the administrator to understand the Application

usage and formulate application-specific policies for the users. Using Cyberoam's

advanced application classification engine, HTTPS based Micro-Apps such as

Facebook chat, Facebook video upload and Google chat can be controlled and

managed. Such functionalities enable the administrator to create granular policies for

separate sets of users.

A

Device Visibility

Device or Client-Type identification provides detailed analysis of BYOX devices which

help the administrator to ascertain that only authorized devices access the corporate

network. Cyberoam, not only detects type of device been used, however one could

define corporate policies based on type of devices in use*.

CConnetivity and Continuity

Cyberoam delivers Any Where, Any Time, Any Device access with a range of VPN

options, ensuring uninterrupted business operations, enhanced productivity and lower

cost of operations by minimizing travel and infrastructure expenses.

Toll Free Numbers

USA : +1-800-686-2360 | India : 1-800-301-00013 | APAC/MEA : +1-877-777-0368 | Europe : +44-808-120-3958

Copyright 1999 - 2015 Cyberoam Technologies Private Ltd. All rights reserved. Cyberoam, Cyberoam logo are

trademark of Cyberoam Technologies Pvt. Ltd.

Cyberoam assumes no responsibility for accuracy or completeness of information. Neither is this a legally binding

representation. Cyberoam has the right to change, modify, transfer or otherwise revise the publication without notice.

www.cyberoam.com | sales@cyberoam.com

DAnti-malware and Anti-spam

Cyberoam offers comprehensive Email Security, preventing sophisticated forms of

zero-hour threats and blended attacks involving spam, botnets, phishing, spyware and

more.

Cyberoam adopts 2FA mechanism to ensure robustness in authentication and

authorizing the users both local users as well as roaming users that access business

resources over VPN.

Additionally, Cyberoam threat response team conducts unparalleled vulnerability

analysis on the outbreak of various network and application threats on regular basis.

Cyberoam Threat Research Labs continuously monitors and unearths new variant

outbreaks.