Networks or devices? Both must be hardened to safeguard our users

Summary:For businesses and enterprises, the network vs. device debate is moot. They must protect both.

This week, I participated in a great debate with our own Ryan Naraine about whether the network or the device was the best defense for mobile security. As both Ryan and I agreed, it wasn't really an either/or proposition: both devices and the network need security facilities.

My concern is that neither can really go it alone, and we certainly can't rely on device users to police themselves. Some users, when well trained, will go along with our guidelines. But when our users range from teenagers (with their level of immaturity) to our senior VPs (with their almost identical level of unwillingness to take direction), we need to protect our users from themselves.

For consumers, this protection falls squarely on the device makers, who can create some level of protective cushion for users. But even Apple, with all its app approval processes and restrictions, doesn't fully police its environment and has millions of users with jailbroken phones.

The carriers who host users are always fighting something of a losing battle, but they must protect the integrity of the network. It used to be that they'd only allow certain phones, with certain applications that they'd vetted thoroughly, onto their networks. Now, with millions of apps out there, carriers do their best to guard their pipes, but the challenge is huge.

For businesses and enterprises, the network vs. device debate is moot. They must protect both. The best approach is with good policy and training, and by specifically allowing only certain devices onto their networks. But even those approaches can run into snags, like when an employee with a BYOD device is terminated with cause — and some procedure must be followed to remove corporate data from a personal device.

In the long run, we're going to need to see protections on both sides. Networks will need to get more secure, intrusion protection systems will be necessary as BYOD devices waltz past the firewall. Devices, either with bare-metal hypervisors or features like the BlackBerry Balance and Samsung Knox , may be able to help keep their users just a little bit safer.

The bottom line, though, is this: device or network, we're still going to be under constant attack , constant threat of incursion, and we're still going to need to be almost preternaturally diligent to keep our enterprises and users safe.

Topics: Mobility, Security

About

In addition to hosting the ZDNet Government and ZDNet DIY-IT blogs, CBS Interactive's Distinguished Lecturer David Gewirtz is an author, U.S. policy advisor and computer scientist. He is featured in The History Channel special The President's Book of Secrets, is one of America's foremost cyber-security experts, and is a top expert on savi... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.