When you think about adding a BYOD program to your organization, you have to think about what devices are going to be coming in, and how they are going to connect. This brings me to my next segment of Tech Thursday… BYOD and Wireless. It is either a match made in IT dreams or nightmares depending on how prepared you are.
One of the first devices that comes into the corporate network, before the iPad or other tablet and before the laptop, is the cell phone. Well, the smartphone, but there are not that many phones out there now that don’t connect to the internet through Wi-Fi.
So for a moment, think about the number of people in your company: 95% of them are going to have an Android device, an iOS device, or a BlackBerry. This means that if 95 of 100 people are now using 2 IP addresses, the IP pool is at 195. Add in the 25 IP addresses reserved for servers, printers, and other devices, and you are now at 220 IP addresses used. Now what if half of the staff brings in or receives a tablet? The count is now at 270 devices in a 100-person organization. You now need to use multiple DHCP scopes, VLANs, subnets, and possibly multiple internet connections. Your simple network of a router and two switches has just morphed into a multi-connection conglomerate of physical and wireless connections.
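The device counts above, turned into a per-segment subnet plan so that BYOD phones and tablets land in their own scopes instead of sharing one flat network with the servers. This is an added example, not part of the original post; the 10.20.0.0/23 supernet, the 25% headroom and the segment names are assumptions chosen for illustration.

```python
import ipaddress

# Device counts from the paragraph above (100-person organization).
SEGMENTS = {
    "workstations": 100,    # one primary device per employee
    "phones": 95,           # 95% of staff bring a smartphone
    "tablets": 50,          # half the staff bring or receive a tablet
    "infrastructure": 25,   # servers, printers, other reserved addresses
}

def prefix_for(hosts, headroom=0.25):
    """Longest IPv4 prefix whose usable hosts cover `hosts` plus headroom."""
    needed = -(-hosts * (1 + headroom) // 1)   # ceiling without float log
    needed = int(needed) + 2                   # network + broadcast address
    return 32 - (needed - 1).bit_length()

def plan(supernet, segments, headroom=0.25):
    """Carve one subnet (one DHCP scope / VLAN) per segment, largest first.

    Keeping BYOD segments in their own subnets is what lets a firewall or
    ACL sit between personal devices and the infrastructure range.
    """
    net = ipaddress.ip_network(supernet)
    cursor = int(net.network_address)
    result = {}
    for name, hosts in sorted(segments.items(), key=lambda kv: -kv[1]):
        subnet = ipaddress.ip_network((cursor, prefix_for(hosts, headroom)))
        if not subnet.subnet_of(net):
            raise ValueError(f"{supernet} is too small: no room for {name}")
        result[name] = subnet
        cursor += subnet.num_addresses
    return result

if __name__ == "__main__":
    total = sum(SEGMENTS.values())
    flat = ipaddress.ip_network("10.20.0.0/24")          # constructed example range
    print(f"{total} devices vs {flat.num_addresses - 2} usable hosts in a flat /24")
    for name, subnet in plan("10.20.0.0/23", SEGMENTS).items():
        print(f"{name:15} {str(subnet):18} {subnet.num_addresses - 2} usable")
```

Passing a single /24 as the supernet raises `ValueError` at the tablet segment, which is the point where the 100-person network in the text outgrows one scope.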
This additional layer of network complexity adds another layer of security concerns to go along with the BYOD concerns. Just having wireless is a security concern, depending on your encryption, its place in the network, etc. I have been in some places that feel that WEP encryption is good enough for the network. Let's face it, if you have ever used a WEP key, you know they are long and ridiculous and only in hex. So we all know what happens in the organization: the key is written down on a Post-it, passed around and shared, to the point that no one knows who has it anymore. To prevent this, we started using a harder-to-break WPA/WPA2 pre-shared key, but this too gets passed around and is not always the best choice in an enterprise. Ways to help with this are controlling the wireless with an iron fist, pushing the information out to user devices with policies, or going with higher security and RADIUS login authentication.
Most of the BYOD devices that come into an organization are going to be tablets, and these are not going to connect to the traditional wired network; there is no way for them to. Even some newer “ultra-portable/ultrabook” laptops do not have a built-in Ethernet port. If you want to embrace BYOD, you must embrace Wi-Fi with open arms. And the wireless network has to be designed correctly; we no longer have the opportunity to just throw up a couple of access points and be OK. Networks are no longer designed just to cover areas; they are designed to facilitate a large number of connections. The only way to know if your coverage is good enough is a series of stress tests and a full wireless survey that will show any interference in the area that will cause signal issues.
So the first steps of BYOD:
1. The Assessment: What are your needs, how can you do it, can you handle it, will your network handle it?
2. The test: Get some trial users and devices within the company. Get some test devices into their hands and see if they are able to go on with business as usual, or if they have some major hindrances to getting their job done.