I was at one of my regular clients this morning working
through my list of maintenance tasks etc. I had a complaint about the network
being slow for most people. I started to investigate and as I looked at my
statistics and logs I found something that disturbed me a little. There was a
device on the network that was using a very healthy amount of the bandwidth.
Think of bandwidth as a 4 lane highway. The more cars that are on it, the more
the congestion, the slower the speeds. This morning’s example was like one very
large truck taking up all 4 lanes slowing everyone else down.
Anyway. My software told me the MAC address (this is an alphanumeric
number assigned to the actual hardware whether it is a phone, computer
or tablet). It also gave me the IP address (network address) that was assigned
to that device. As I traced it I found the traffic was flowing out, not in.
What that means is the device was sending large amounts of data. It was not
downloading an update or anything like that.
It was identified as an iPhone by the router. With a network
full of devices to sift through and several people in training on site I
decided to simply block that device from sending anything out of the network.
The congestion cleared and things returned to a normal state making me friends
with many of the users again.
From a technical standpoint you should realize that the
software could be wrong, the address can be faked and I could be chasing a
ghost if the person goes off site, so I didn’t chase. The point to all of this
is how one device (if it was indeed an iPhone) can literally bring a network to
its knees. I have advised this client several times not to leave the wireless
open because this can so easily happen.
It did get me thinking: how do you as a business
control this yet provide the access needed? More and more Androids and iPhones are
being infected and many times the users will not know. They stick on the
network and BANG. Problems!
The question to ask is why allow the access? Why let people
use their own device? It may be cheaper up front or more convenient but in the
long run you may sacrifice functionality of your entire network. I equate it to
owning a race track where high performance cars are running, but then you
let your neighbor take his SUV on the track. It will eventually catch up with
you and slow everyone else down.
Many companies have a BYOD policy of what people can use and
connect to the network. Policy and procedure is really the key to being
successful. Without it you open up your network to the wild west of
devices. People don’t even know most of the time when their device is infected,
and then the time is spent by the IT department looking for
that device. Even at that, what do you do once you find it? Clean it for the
individual? How do you prevent it from coming back on your network?
Control what can go on your network. Make sure you
understand the safety concern and why. It really doesn’t take much to
ensure that the network is running at peak efficiency. Most data breaches and
viruses happen from within. Introducing devices you cannot control can open
you up to a world of pain as well as a major headache.
So what would a BYOD policy look like? First ask yourself
the question: why allow external devices? The only reason should be a business
purpose. Not because you want people to be able to surf the net at lunch break.
I see the mistake made by business owners where they are trying to keep
employees happy by offering the ability to jump on the network. My question is
how unhappy you will be when people cannot do their work because of the scenario
above?