Using network monitoring to protect your BYOD workforce

• Companies increasingly rely on BYOD policies to ensure work continuity
• An uptick of VPN usage can put a strain on connectivity, but network monitoring can ensure bandwidth remains open

As companies continue to support the mass pivot towards remote working, the pressure to establish a safe and secure work from home routine has never been greater.

The main goal for all organizations right now is to ensure that their productivity levels do not fall below usual levels during the current COVID-19 global health crisis, and that ordinary working arrangements are maintained as best as possible.

In order to do this, setting up and configuring IT systems and resources are the crucial foundations for ensuring ‘business as usual’. 

While companies are in the midst of deploying their contingency plans and scaling up their IT resources to ensure a new remote workforce is equipped with the right resources, the concept of bring your own device (BYOD) – or employees using their own devices for work – has suddenly taken center stage. 

For organizations which don’t distribute phones and laptops to their employees, there has been little choice but to allow staff to use their own smartphones, tablets and laptops to access their company’s networks and carry out their daily workload.

Of course, this practice comes with a litany of security concerns due to the influx of unvetted, and often inadequately protected, end-points connected to an organization’s central system, increasing the risk of cyber attacks.

Organizations looking to execute an effective BYOD policy throughout this period should bear in mind the following considerations.

# 1 | Get tight on bandwidth

Many companies are now utilizing VPN (Virtual Private Networks) to protect remote endpoint security, but employees using personal services and applications could put a considerable strain on bandwidth affecting the overall productivity of the business.

If seeing an unnatural surge in traffic, businesses should seek to analyze what’s causing it by monitoring the network, allowing them to plan their VPN bandwidth more effectively. They can also become familiar with their employees’ general usage patterns and bandwidth consumption in order to restrict increased or unwanted usage.

# 2 | Detecting anomalies early

Cyber criminals are taking full advantage of the current landscape, using COVID-19-themed scams to bait internet users, and leveraging current distractions to take advantage. 

Making matters worse is that, in the best case, an employee’s device will probably only have consumer-grade cybersecurity software installed.

As workers download the productivity, videoconferencing and comms tools they need to continue their workflow, they may not receive the same level of protection and treat detection as they would in the office. That means a rogue click or illegitimate download could potentially cause a lot more damage.

Utilizing network behavior analysis, network administrators can focus on monitoring their network in real-time, and correlate various network anomalies and attack patterns in their early stages. By detecting abnormal activities like suspicious sources, destinations, and flows, network administrators can identify cyber crimes such as DDoS attacks quickly. 

# 3 | Communication is key

Perhaps the most significant component of implementing a BYOD policy is fostering an enterprise-scale cybersecurity awareness among employees and putting into action a plan that empowers workers to brave the challenges of their new remote working routine safely. 

It is vital to communicate fundamental security practices to remote workers to minimize the risks of unwanted access to organizational systems. 

Making employees aware of simple best practices like not opening suspicious emails, refraining from clicking or sharing unfamiliar links and consistently resetting and securing their Wi-Fi and login credentials can prevent a myriad of cybersecurity breaches from happening.

However, this advice can often fall on deaf ears; many employees are not aware of the significance of these threats, so IT leaders must think creatively around how they can engage employees to adopt a cybersecurity-first mindset, from their own device.