BYOD will hit an 'inflection point' in 2015: AT&T

Security for connected devices could possibly weigh heaviest on telecommunications providers going into 2015.

The flashiness and wild promises of connected devices and the Internet-of-Things swamped the 2015 Consumer Electronics Show last week.

Special Feature

Tapping M2M: The Internet of Things

The rise of objects that connect themselves to the internet -- from cars to heart monitors to stoplights -- is unleashing a wave of new possibilities for data gathering, predictive analytics, and IT automation. We discuss how to tap these nascent solutions.

Read More

But to fall back on a very tried but true cliché at this point, with all this power comes an enormous amount of responsibility -- namely concerning security.

Those responsibilities are going to weigh heavy on telecommunications providers. Such pressures and concerns only compound when it comes to workplace devices that hold and transfer sensitive data across corporate networks.

Michael Singer, who leads planning and marketing for mobile security solutions at AT&T, remarked that the Internet-of-Things should really be referred to "connected living," while on the enterprise side, it's "connected business."

Bring-Your-Own-Device (a.k.a. BYOD), a trend that reached peak saturation in enterprise IT circles in 2014, will reach an inflection point this year, predicted Andy Daudelin, vice president of security services for AT&T's Mobile Business Solutions team.

"In 2014, it was a topic starting to hit areas of concern, but we're ready to take off in terms of proliferation of Bring-Your-Own-Device," reflected Daudelin during a webcast on Tuesday. "This is where destructive malware really becomes an issue."

Brian Rexroad, executive director for threat intelligence and response engineering at AT&T, suggested that in most high-profile, lucrative cyber-attacks, there is actually very little revolution that takes place but rather evolution.

"Users aren't thinking of these things as computers, but they are," Rexroad reminded. "There needs to be more robustness across the industry."

Concerns on both sides of the network are multiplied, posited Daudelin, when one considers that a device doesn't necessarily have just two uses - personal and business - but also matters like healthcare where data could be associated with three different hospitals, for instance.

"A company can't be sure that the user has done everything required to keep that device secure for business users," Daudelin acknowledged. "On the flip side, users are very concerned about privacy."

Organizations need to deploy BYOD solutions through a layered approach by deploying containers from the device to the network to the cloud, Daudelin argued. They also need to be able to segment data on that device but also ensure privacy.

"It requires an end-to-end view," Daudelin added.

Rexroad lamented that most mobile devices still aren't designed with the robustness to handle the expansion of the Internet-of-Things spectrum. As a consequence, he continued, they could be exploited and turned into a wider botnet.

Singer reminded that "you really can't be comfortable" at any point, reiterating the need for "super duper patchers" and even heightened skepticism around popular IT trends -- notably the fervor around open source in 2014.

"You can go along way just by being focused on the basics," Rexroad noted, pointing toward standard options such as anti-virus malware software on devices matched by firewalls on the network. He also stressed the value of education, pointing toward many security risks and cases (i.e. phishing emails) that could have been avoided with a little extra awareness.

Rexroad advised to both IT administrators and employees using personal devices at work that these smartphones and tablets should be considered computers requiring consistent patching processes.

IT departments, in particular, need to be vigilant in demanding these patching processes as they would with traditional computers. End users also can't assume all these things happen just because they're connected to the Internet.