Waxaan ku noolnahay xilli ay waaxaha IT-ga ee ganacsiyadu ay wali isku dayayaan inay ku habboonaadaan Qalabkaaga Keen ama qaabka BYOD^{(Bring Your Own Device or BYOD)} ee goob sugan. Maqaalkeena ku saabsan fulinta BYOD , waxaan uga hadalnay laba fursadood: mid ay shaqaaluhu isticmaalaan aaladaha ay shirkaddu leedahay iyo mid ay ururadu isticmaalaan aaladaha ay shaqaaluhu leeyihiin. Arrimaha amnigu waxa ay aad ugu badan yihiin kiiska dambe oo ay shaqaaluhu ku heshiin waayaan in wax la faafreebo marka aanay joogin xafiiska. Markaa halkii laga isticmaali lahaa shabakada xafiiska, waxay bilaabaan inay isticmaalaan shabakadooda. Waxayna sidoo kale keenaan shabakadooda xafiiska. Saamayn noocee ah ayay ku yeelan kartaa ammaanka shirkadaha? Maqaalkani waxa uu eegayaa waxa ay tahay Keen Shabakaddaada^{(Bring Your Own Network)} ama BYONiyo sida ay u saamayso amniga ganacsiga?

Waa maxay Keen Shabakaddaada ama BYON ?

BYON waxay u taagan tahay Keen Shabakaddaada^{(Bring Your Own Network)} . Si loo badbaadiyo kharashyada iyo qaab ka wanaagsan faa'iidooyinka shaqaalaha, ururada qaarkood waxay u ogolaadaan shaqaalahooda inay isticmaalaan shabakadooda goobta xafiiska. Shabakadaha rasmiga ah iyo VPN^(VPNs) -yada guud ahaan waxaa loo qaabeeyey qaab dadka ka shaqeeya ururka oo isticmaalaya shabkadahaas, aanay geli karin mareegaha qaarkood oo caqabad ku noqon kara wax soo saarka. Laakiin waxa u muuqda inuu yahay isbeddelkii ugu dambeeyay, bilawga iyo ururada la midka ah waxay siinayaan shaqaale aan lahayn shabakad ama VPN . Taa beddelkeeda, waxay bixiyaan kharashka shabakadda uu shaqaaluhu u isticmaalo isku xirka iyo isticmaalka internetka^(Internet) ama Internetka^(Intranets) . Ama xaaladaha qaarkood, labada shabakad urureed ee degaanka iyo sidaha xogta shaqaalaha labadaba waa joogaan.

Shabakadda ururka waxa loo isticmaali karaa in lagu galo xogta ururkaas la xidhiidha iyada oo xog-qaadiyaha loo isticmaalo wax kasta oo internetka^(Internet) ah . Haddii uu jiro intranet ku lug leh, shaqaaluhu wuxuu isticmaali karaa xog-ururintiisa si uu u galo.

Nooca saddexaad ee shabakadda sidoo kale waxaa lagu qiyaasi karaa halkan. Qalabka moobilka waxaa loo dejin karaa meel kulul iyo aaladaha kale ee mobilada ee ku xira internetka^(Internet) ama Intranetka^(Intranet) iyadoo la isticmaalayo hotspot-kan. Markaan qorayo maqaalka, run ahaantii ma fahmin fikradda BYON , aniga ahaan, waa arrin amni oo halis ah halkii ay ka ahaan lahayd nooc kasta oo shaqaale ah ama kaydinta ururada. Waxa aad u fiicnaan lahayd in loo ogolaado shaqaaluhu inuu isticmaalo shabakada ururka si uu u baadho waxa isaga ama iyadu rabto halkii ay u oggolaan lahayd inay isticmaalaan xogta gacanta ama internetka^(Internet) dongle si ay u galaan internetka^(Internet) . Ugu yaraan, habkaas, sirta shirkadda looma sii deyn doono.

Khatarta Amniga ee BYON

Adduunyada uu Internetku^(Internet) noqday xudunta xogta raadinta, farsamooyin badan ayaa jira oo loo qorsheeyay maalin kasta si ay dadku u bixiyaan xogtooda gaarka ah. Waxaad taqaanaa phishingka. Waxaad sidoo kale taqaanaa injineernimada bulshada. Dhanka phishing-ka, dambiilayaasha waxay isku dayaan inay ururiyaan xogtaada shakhsi ahaaneed iyagoo isticmaalaya sed kala duwan. Injineerinka bulshada, dambiilaha waxa uu saaxiib la noqdaa mid ama in ka badan oo ka mid ah shaqaalahaaga oo waxa uu bilaabo "soo saarida" xogta la xidhiidha ururkaaga. Taasi waa, marka la isku daro, labada dariiqo - haddii mid ka mid ah shaqaalahaagu uu qaato sed - waxay u horseedi kartaa masiibo ururkaaga.

Taas oo keliya ma aha, isticmaalka xogta gacanta ee shaqada ururku waxay ku siin kartaa dhibaato kale. Ma jiro dammaanad qaad ah in xidhiidhka ka dhexeeya aaladda gacanta ee shaqaalahaaga iyo goobta uu booqanayo uu yahay mid sir ah. Qarsoodi la'aan, dembiilayaal si fudud ayay u eegi karaan xogta la gudbinayo iyo sida loogu isticmaalo faa'iidadooda gaarka ah. Marka ay soo galaan Intranet -ka halkaas oo qof uu ku soo galay isagoo isticmaalaya xogtiisa gacanta isagoon qarsoodi lahayn, tusaale ahaan, waxaa laga yaabaa inay siiyeen aqoonsigooda gelitaanka qof ku dulma ururkaaga. Taas, waxay ku socotaa sirta xogtaada ilaa xadka shaqaaluhu ka heli karo xogtaada.

Sidee loo hirgelin karaa - Ka dhig qofka shaqaalaha ah mas'uul^{(How can it be implemented – Make the Employee responsible)}

Ilaa hadda, habka kaliya ee ururada kala duwan ay u isticmaalayaan hirgelinta BYON waa:

1. Bar shaqaalaha khataraha isticmaalka isku xirka internetka^(Internet)
2. Ka dhigista shaqaalaha masuul ka ah wax kasta oo jebinta xogta dhacda

Midda labaad waxay khatar badan ku tahay shaqaalaha hay'adahaaga waxayna doorbidi lahaayeen inay isticmaalaan shabakadda shirkadda. Taas macnaheedu waa inaad siiso iyaga shabakad maxalli ah oo ay ku isticmaali karaan shabakadooda ilaa inta ay ku jiraan xafiiska. Waxa laga yaabaa inay u isticmaalaan shabakadaha gacanta - si taxadar leh - shaqooyinka kale sida wax baadhista inta lagu jiro wakhtiga firaaqada.

Fikradayda, dhammaan ku-dhaqanka BYOD waa mid khaldan maadaama ay u oggolaanayso shaqaalaha inay qaataan xogta ururrada guriga. Ku darso^(Add) , haddii ururku ogolaado isticmaalka shabakadeeda BYOD , xaaladdu waxay qarxin kartaa dhammaan xogta gaarka ah ee xogta ururka wakhti kasta. Waa bam bam ah oo sida caddaynta jebinta xogta dhowaan, khalad fudud oo qayb ka mid ah shaqaalaha ayaa noqon kara khasaare xun oo soo gaadhay ururka oo dhan.

Dhibaatooyinka kale ee BYON

Dhibaatooyinka kale ee badan ee la yimaada Keen^(Bring) Shabakaddaada waxaa ka mid ah in taageerada IT-gu aysan habayn karin shabakadaha shaqaalaha; ma jiro shaqaale ku heshiin doona taas haddii ay ku jirto faafreebka mareegaha qaarkood.

Taageerada IT-gu kama xalin karto arrimaha shabakadaha shaqaalaha sababtoo ah waxay la xidhiidhaan xog sidayyaal kala duwan. Cilad-raadinta, shaqaaluhu waa inuu wacaa bixiyaha adeegga xogta ee ay isticmaalayaan. Ikhtiyaarka halkan ayaa noqon kara in la siiyo hal qorshe xog-qaade dhammaan shaqaalaha laakiin ma garanayo sida ay suurtogal u noqon karto. Ku dhawaad^(Almost) ​​qof kastaa waxa uu leeyahay waxa uu jecel yahay sidaa awgeed qaar waxa laga yaabaa in aanay ku heshiin in ay beddelaan bixiyeyaasha shabakadooda.

Way adkaan doontaa in la raadraaco shaqaalaha isticmaalaya agabka Internetka ee shirkadda haddii^(Intranet) uu mid jiro. Daynta shaqalaha waa la xadidi doonaa maadaama aysan jiri doonin habab nacasnimo ah oo u sheegi kara maamulaha kuwaas oo daryeella'aantoodu ay sababtay jebinta xogta. Waxaa laga yaabaa in ururku uu arrinkan qorsheeyey muddo dheer ka hor intaysan aadin BYON .

Waa aragtiyo aniga ii gaar ah oo ku saabsan waxa ay tahay BYON , maxay yihiin arrimaha amniga la xiriira, iyo sidii loo hirgelin lahaa haddii loo baahdo. Uma maleynayo in BYON loo baahan yahay ilaa aad rabto in shaqaalahaagu uu ku ciyaaro qaar ka mid ah ciyaaraha khadka tooska ah ee xafiiska. Laakiin taasi waa aragtidayda.

Waan ku farxi lahaa inaan ogaado aragtidaada oo markaa, waxaan sugi doonaa faallooyinkaaga.^{(I would be glad to know your views and hence, will be waiting for your comments.)}

What is Bring your own Network or BYON?

We are living in an era where the IT departments of businesses are ѕtill trying tо fit in the Bring Your Own Device or BYOD model in a secure arena. In our article on BYOD implementations, we talked of two possibilities: one where the employees use company-owned devices and one where the organizations use employee-owned devices. The security issues are more in the latter case where the employees may not agree to get things censored when they are not at the office. So instead of the office network, they start using their own network. And they bring their own networks to the office as well. What effects would it have on the security of the companies? This article looks at what is Bring Your Own Network or BYON and how it affects the security of businesses?

What is Bring Your Own Network or BYON?

BYON stands for Bring Your Own Network. For saving on costs and in form of better employee perks, some organizations allow its employees to use their own network at the office place. The official networks and VPNs are generally designed in a way that people working in the organization and using those networks, cannot access certain websites that may hinder productivity. But in what seems to be the latest trend, startups and similar organizations are providing employees with no network or VPN. Instead, they pay up for the network the employee uses for connecting and using the Internet or Intranets. Or in some cases, both the local organizational network and employee’s data carrier is present.

The network of the organization can be used to access the data pertaining to that organization while the data carrier is used for anything on the Internet. If there is an intranet involved, the employee can use his own data carrier to log into it.

The third kind of network can also be envisioned here. A mobile device can be set up as a hot spot and other mobile devices connecting to the Internet or Intranet using this hotspot. As I write the article, I do not really understand the concept of BYON, as for me, it is a serious security issue rather than any kind of employee perks or savings for the organizations. It would be much better to let the employee use the organization network to browse what he or she wants instead of allowing them to use their cellular data or Internet dongle to access the Internet. At least, that way, the company secrets won’t be let out.

Security Risks of BYON

In a world where the Internet has become a hub for information seeking, many techniques exist and are being designed each day to “make” people give out their personal data. You know about phishing. You also know about social engineering. In the case of phishing, criminals try to collect your personal data using different baits. In social engineering, the criminal befriends one or more of your employees and starts “extracting” data pertaining to your organization. That is, combined, both the methods – if any of your employees take the bait – can prove disastrous to your organization.

Not only that, using cellular data for organizational work may provide another problem. There is no guarantee that the connection between your employee’s mobile device and the site he or she is visiting is encrypted. Without encryption, criminals can easily check out what data is being transmitted and how to use it for their own benefit. Once they land upon the Intranet where someone logged in using their cellular data without encryption, for instance, they may have given out their login credentials to someone snooping on your organization. With that, goes the privacy of your data to the extent the employee could access your database.

How can it be implemented – Make the Employee responsible

As of now, the only method different organizations are using to implement BYON are:

1. Educate the employee about the risks of using own Internet connections
2. Making the employee responsible for whatever data breach occurs

The second one is more of a threat to the employees of your organizations and they would prefer to use the company network. That means you have to provide them with a local network they can use with their networks as long as they are in the office. They may use cellular networks – with care – for other works such as browsing during the free time.

In my opinion, the entire practice of BYOD is misplaced as it allows employees to take home organizational data. Add to it, if an organization allows usage of its own networks to BYOD, the situation can blow up all the privacy of organizational data anytime. It is a bomb ticking and as evident from recent data breaches, a simple mistake on part of an employee can be a terrible loss for the entire organization.

Other Problems With BYON

Among the many other problems that come with Bring Your Own Network are that IT support cannot configure the employees’ networks; no employee would agree to that if it includes censoring some websites.

The IT support cannot troubleshoot issues with employees’ own networks as they may be related to different data carriers. For troubleshooting, the employee will have to call up the data service provider they are using. An option here could be to provide a single data carrier plan to all the employees but I do not know how feasible it would be. Almost everyone has their own favorites and hence some may not agree to change their network providers.

It would be hard to track which employee is using what resources on the company Intranet if there is one. The liabilities of employees will be limited as there won’t be any foolproof methods that would let an admin know whose carelessness caused a data breach. The organization may have to plan out on this at length before they go for BYON.

These are my own views on what is BYON, what are the security issues related to, and how to implement it if required. I do not think BYON is needed unless you want your employee to play some online game in the office. But that is my own view.

I would be glad to know your views and hence, will be waiting for your comments.

Related posts

• Sida loo isticmaalo Network Sniffer Tool PktMon.exe gudaha Windows 10

• Daar xiriirinta Shabakadda intaad ku jirto heeganka casriga ah Windows 11/10

• Waa maxay Tor Network maxaase loo isticmaalaa?

• Ku cabbir xawaaraha Shabakadda Aagga Maxaliga ah qalabka Tijaabada Xawaaraha LAN

• Daar ama dami Wi-Fi iyo adabtarada Ethernet Windows 11

• Sida loo isticmaalo Qalabka Query Port (PortQry.exe) gudaha Windows 11/10

• Siideynta TCP/IP, Flush DNS, Dib u deji Winsock, Dib u deji Proxy oo wata Faylka Dufcaddii

• Aaladaha Shabakadda Wireless-ka ee bilaashka ah ee loogu talagalay Windows 10

• NetTraffic: Kormeeraha taraafikada shabakada waqtiga dhabta ah ee Windows 11/10

• Glasswire Firewall iyo Qalabka Kormeerka Shabakadda ee dib u eegista

• Sida loo awood Wake-on-LAN gudaha Windows 11/10

• Galka shabakadda ee la cayimay ayaa hadda la sawiray iyadoo la isticmaalayo magac isticmaale oo kala duwan

• Sida loo abuuro shares Network gudaha Windows 10

• Sida loo hagaajiyo DHCP Lookup qalad guuldaraystay om Windows & Chromebooks

• Sida loo nadiifiyo Khariidadda Shabakadda Drive Cache gudaha Windows 11/10

• Software-ka Shabakadda Shabakadda ee ugu fiican ee naqshadaynta shabakadaada

• Waa maxay VLAN? Waa maxay sababta aan u isticmaalno VLANs?

• Sida loogu awood DNS ka badan HTTPS gudaha Windows 11/10

• Hagaaji khaladka daabacaha shabakada 0x00000bcb - Lama xidhi karo daabacaha

• Sida loo damiyo NetBIOS iyo borotokoolka LLMNR iyadoo loo sii marayo GPO