I kicked off the Bring Your Own Device (BYOD): A Summit for Decision-Makers (summary article) as the keynote speaker last week in Ann Arbor, Michigan. This Summit was put on by Merit, who provides the network service needs of higher education, K-12 organizations, government, health care, libraries, and other non-profits for the state of Michigan. It brought together public and private sector technology and security leaders, as well as experts from academia and a wide array of vendor sponsors, to discuss hot trends for employees who are bringing their own devices to work.
I was interested in presenting on this BYOD topic because I understand the concerns but I also feel we need to put the issue into proper perspective. BYOD is officially defined as the practice of allowing the employees of an organization to use their own computers, smartphones, or other devices for work purposes. This is the valid concern which causes us to question our preparedness for dealing with bandwidth and security issues associated with BYOD. But the acronym has become synonymous with challenges relating to the explosion of mobile internet access devices which tend to pressure our network management more than security risks. My Keynote entitled, BYOD: We just need to keep up, focused on the emerging concerns from Wear Your Own Device (WYOD) and the evolution of The Internet of Things (IoT).
Wearable devices today are not really pressing our infrastructure or security concerns, however, that is the calm before the storm. The focus for these wearables today typically points to some form of activity or health monitoring. Interaction with the Internet or local WiFi is minimal now typically because of power consumption issues. However, the stage is set for these small useful devices to interact with our personal Internet space. And the most significant use will evolve out of the NFC based authentication made popular by the Apple Pay entry for transacting purchases. The key here is the validation of mobile devices, typically today’s smartphones, as authenticators of our personal identity. Replacement of the credit card swipe for retail purchases will lead the way, however, we in IT will get to explore and support all of the other uses that will play off this technology. For us in higher education we will see this become our student’s ID Card for building access, attendance and even remote test proctoring. The technology challenge is not daunting, however, the shift of our support mentality may be difficult. We will need to protect the effectiveness of these activities along with ensuring the security. It will mean a lot more technology responsibility on our plates.
I’m giving a presentation next week at a technology conference for higher education technology leaders entitled “Redesigning Wireless Networks for the Proliferation of Multimedia Enabled Mobile Devices”. What will be valuable about my presentation won’t be details about wireless network technology, although some details will be used to seed the conversation. No, the value will be the open discussion about what we are doing with our wireless networks and why we feel we need to do it. A discussion that invariably takes us to how we will deal with the influx of BYOD, Bring Your Own Device, to our campuses.
The BYOD buzz is helpful to the vendors and consultants to generate concern about this proliferation of wireless personal computing devices on our campuses. We may just deal with this as a policy decision of (Not Allowed) hoping to maintain control of our network. But we will eventually need to deal with this. However, our infrastructure may not be ideally designed for the challenge. The solution is now pointing to a new version of Network Access Control, NAC. Not the NAC of virus quarantine days but a NAC for designed for wireless network management.
I believe that our wireless network has become the primary network access. This means we can’t wait to negotiate authentication and provisioning back at the network core, we need to make those decisions at the point of access. There may be wireless devices that we do not want on our network and there is enough information to make that decision before any access is granted. Our user classes are no longer just employees and guests, we need to offer role based policy management. Wireless service is now about seamless handoffs as one moves across campus and bandwidth allocation from multiple access points with multiple antennas. Responding to these wireless networking requirements is not just about a financial investment. The correct strategic decisions are more critical then ever as we try to position ourselves for the next wave of innovation destined for our campuses.