Guelph upgrades network for Bring Your Own Device policy

The City of Guelph’s BYOD—Bring Your Own Device—policy for employees gave rise to a need for deeper visibility of all possible devices that employees and contractors might connect to the corporate network, as well as a need to meet regulatory requirements such as PCI-DSS.

The BYOD policy at the City of Guelph, in Ontario, was a joint initiative driven by the human resources and IT departments in recognition of the added benefit that using personal devices in the workplace would render employees, said Shibu Pillai, network security specialist with the City of Guelph.

But that degree of device freedom on the corporate network meant the existing IT infrastructure could not provide the level of visibility and security that the IT department wanted.

“Sometimes the device had already connected and disconnected and we didn’t know what they did,” said Pillai.

The reactive approach afforded by the previous homegrown system, said Pillai, was such that, when an employee would accidentally connect a personal device to the network, IT admins would shuffle around a manual process that entailed correlating information and then contacting the employee to notify them they violated the company device policy.

With the implementation of network security technology from Cupertino, Calif.-based ForeScout Technologies Inc., Pillai said, the IT department now creates security policies per user and device type and then relies on the automated capabilities for dealing with patch updates and breaches.

“There’s tremendous amount of reduction in administrative effort—the hours that we put in it—(and it) also really augments our security effort that we put into the security network,” said Pillai, estimating a savings of five to 10 per cent in man-hours per week.

Scott Gordon, vice-president of worldwide marketing with ForeScout, said the combination of better visibility and automation in network security is important for organizations, public and private, such as the City of Guelph, given the need to safeguard employees as well as its large body of contractors who bring their own devices to work.

The ability to measure and react to security threats especially as organizations must accomplish more with less funds is particularly important as they must also deal with the consumerization of IT, said Gordon. “This way, it better manages the risk,” said Gordon.

Moreover, he added, the challenge for many is applying security policies across what is often a complex network.

Before the implementation, it was never really clear whether security policies were properly enforced, Pillai said. “We had to consistently be in touch with the business and department heads and remind them,” he said.

Now, the City of Guelph has a “deeper posture check” between security profiles such that, for instance, an antivirus update can be applied as specified by a particular policy, said Pillai.

As for alien devices on the network, Pillai said the IT department is no longer in the dark as to what sort of device it is and what it might be up to. “If it is a corporate device, it is allowed on the corporate network. If it is a non-corporate device, it is allowed on the guest network,” said Pillai.

Users of guest devices, such as contractors, are prompted for credentials and have their activity monitored for as long as they are on the network.

Follow Kathleen Lau on Twitter: @KathleenLau

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now