Network Security and BYOD (Bring Your Own Device)

    You probably have your smart phone within arm’s reach at this very moment. With immediate access to the internet and the capability of constant communication at our fingertips, allowing employees to use their personal smart phones and other devices on an enterprise level has become the norm for most organizations. But allowing employees to use these devices comes with benefits and risks.

    THE BENEFITS OF BYOD

    IMPROVED PRODUCTIVITY AND AGILITY – The ease of logging into email, accessing documents and remote data access, has profoundly changed the way companies do business. No longer tethered to an office or PC, employees now have the flexibility to work from anywhere, at any time of day, in any time zone. Our smart device is our mobile office.

    EMPLOYEE SATISFACTION – Employees are more comfortable using their own devices. With a company assigned phone, laptop, or tablet, there are restrictions placed on device use. With an employee owned device, they have the flexibility and freedom to utilize their devices for both professional and personal use. It also allows for greater flexibility in performing their job which can lead to improved productivity.

    COMPANY BOTTOMLINE – with BYOD, companies can save money. The employee, not the organization, pay for the purchasing and upkeep of devices, as well as data plans, and upgrades. And, as most smartphone users tend to upgrade more often than corporations do, companies can benefit from the newer technology and more powerful device capabilities when employees do upgrade their devices.

    There are many benefits of BYOD, but they come with risk. Implementing a BYOD policy and network security enforcement is a challenge for organizations both large or small.

    THE RISKS OF BYOD

    CYBER THREATS – Employees logging in from an unsecure network, malicious software and application downloads, outdated or nonexistent virus protection are all factors than can leave a company’s network at risk for cyber-attacks through personal devices.

    DATA LOSS AND RETRIEVAL – Protecting enterprise data from theft, deletion, loss, or unauthorized access is critical to network security. Ensuring that employee data is not merged with personal data and that data is retrieved and removed from devices once employment with the company ends are more factors that complicate data security.

    When employees have access to an organization’s network that network is open to security breaches. Oversight and a comprehensive BYOD policy is key to mitigating these risks and securing enterprise data and applications.

    BYOD POLICY

    DEFINE ACCESS – Define what levels of access employees have to data. The more sensitive the data, the more limited the access by employees.

    EDUCATE EMPLOYEES – The human factor is the weakest link in terms of BYOD policy. Employees must be advised of the dangers of unsecured Wi-Fi and use of jailbroken phones. Reiterating the importance of password protection, device backups, software updates, etc. is especially crucial when a personal device is being used for business purposes.

    DATA PROTECTION – Frequent network backups, security protocols for access and storage are mandatory. With the growing prevalence of cyber-attacks, encryption adds another layer of protection to sensitive data.

    MONITORING AND OVERSIGHT – Companies must be proactive in network security, especially in regards to BYOD. Continual monitoring and testing of network security systems for vulnerabilities allows organizations to identify and correct issues before they can be exploited.

    As BYOD becomes more commonplace, organizations, no matter their size, Smart devices are here to stay and companies will need an agile network and cyber security apparatus in place that can protect their data without damaging productivity.

    Contact Advantel Networks to help your company safely enable mobility and BYOD in the workplace.

     

     

     

    Healthcare Finds That One Cure is Better Technology

    American healthcare is in the midst of big changes. These changes are largely the result of an industry entering, adapting and coming to terms with a world gone digital.

    Like most changes, these come with growing pains. “Healthcare has always been driven by information and technology, even if the information wasn’t always readily available and the technology wasn’t always state of the art,” says Tom Vignau, President and CFO of Advantel Networks. “If anything, the ascendancy of the computer has served to bring the technological side of medicine into sharper relief.”

    Healthcare providers have not always been eager to adopt new technologies. Instead, they’ve been selective, embracing some changes like innovations in surgical instruments, drugs and medical imaging. The more mundane improvements, even when they pertained to core functions like record-keeping and inter-office communications, have tended to lag behind.

    This is less true today as the focus has shifted. When President Obama first addressed the American healthcare system, it wasn’t the subject of medical breakthroughs that made headlines. He talked about communication, medical records, accessing data, and the day-to-day processes that were part of a system in need of modernization. That focus has been felt throughout the sector.

    The potential benefits of changes on that front are obvious – at least in theory. Providers will have information at their fingertips. Mistakes will be reduced, if not eliminated altogether. Test results will be instantly available to those who need them. Duplication will be eliminated. Practitioners will share information with ease, making communication more efficient. The system will be streamlined. Costs will be contained. The result will be nothing but great news for providers and patients alike.

    In practice, the road has not always been smooth. Providers didn’t always embrace these new options, often seeing them as more of a burden than a blessing.

    That’s not because the changes themselves or the goals they sought to reach were fatally misguided. Instead, the bumpy road is part of an old story, a story that can be told about any industry: Even a plan that’s brilliantly conceived will flounder in the face of poor implementation.

    For Advantel, doing things right are words we live by, and they become especially pertinent when dealing with the unique challenges of the healthcare industry. It’s an environment that’s riddled with legacy systems frequently incompatible with each other.

    Reliability is critical, but speed and ease of use can’t be sacrificed on its behalf. Systems need to adapt to the needs of different providers and different facilities. If learning curves are steep, users won’t buy into what you’re selling. In this field, they have more pressing priorities.

    If these factors aren’t enough of a challenge, add in mandates for confidentiality, strict security requirements, and harsh government regulations on system design and implementation.

    It’s no wonder medical professionals are left shaking their heads in frustration at some of the purported solutions they’ve encountered. Generic systems won’t do the job. Healthcare systems need to be built specifically for healthcare. System builders need to understand and respond to providers’ needs at every turn, and they need to recognize that a grand vision, however worthy its goals, will not compensate for mediocre execution.

    Healthcare is different. The stakes are the ultimate stakes, and literally a matter of life and death. At Advantel, we are committed to ensuring that our work in the healthcare sector reflects that fact.

    Network Security – Primary concerns for small or large organizations

    Security. It is at the forefront of every conversation and concern in our lives today, and it will only increase in importance for the foreseeable future. At the Corporate level, we know that Network Security is the primary concern, but what are the primary components of concern for small and large organizations?

    BYOD (Bring Your Own Device) – We are in the age of tablets and smart phones. Most companies allow employees to use these devices to access enterprise data. Because employees are no longer accessing data on a single PC, within a strictly supervised internal network, organizations have to adapt to the growing risk and opportunities for security breaches. What if a device is lost or stolen? What if users are accessing data through an unsecure network? Who else has access to the device? What if a malicious app is installed on the device? This lack of physical control and access of personal devices by the IT team is a tremendous challenge to network security.

    CLOUD COMPUTING – With cloud computing, businesses are dependent on the cloud provider to store and manage data (as opposed to keeping data local on an in-house server). Hacking, provider user access, data transfers, data separation, and data storage are all reasons companies have been slow to embrace cloud.

    DATA RECOVERY – Network security is about keeping data safe. But what happens when data IS lost? A reliable backup system encompasses data classification (does ALL data need to be backed up), secure and timely backups, and a recovery strategy. Protocols must also be in place for disaster recovery, be it natural (i.e., weather, earthquakes) or man-made (i.e., cyber-attack, terrorism).

    INTRUSION DETECTION AND PREVENTION – This is what makes the headlines. We have seen countless news stories about corporations being hacked. Effective anti-virus protection, malware blocking, web filtering, firewalls, content security – when we think of network security, these are things most people think of, but these are just one of many security components that organizations face.

    HUMAN FACTOR – Many in the industry call this the weakest link in IT security. Disgruntled employees, careless or uninformed employees, lack of management support, recruiting and retaining qualified IT staff, no clear compliance or regulation enforcement – all of this requires careful monitoring and oversight. No matter how far technology advances, the human factor can never be ignored.

    Network security is crucial to any organization and cannot be left in the hands of just the IT department. Network security must be addressed at the level as well. Risk assessment and mitigation is vital. Equipment, software, employee education and compliance are all factors in keeping your company’s data secure.