Cambridge, Mass., May 14, 2013— Bradford Networks™, the best choice to secure network access for BYOD, today announced that its patented network access control (NAC) solution, Network Sentry, supports eduroam (education roaming), the secure, world-wide roaming access service developed for the international research and education community. Through this support, universities worldwide can enable Bring-Your-Own-Device (BYOD) across their campuses while providing secure network access for both their own domain users and visiting eduroam users.

eduroam is an access service that allows students, researchers and staff at participating institutions to automatically obtain Internet connectivity when visiting participating institutions simply by turning on their laptops and/or mobile devices. Network Sentry significantly simplifies the setup and management of eduroam and enables IT administrators to use a single SSID to support both visiting eduroam users and its own domain users.  Network Sentry automatically provisions network access to both visiting eduroam users and local users based on the university’s pre-defined policies for each user type – staff, students, faculty, guests etc.

“The bring your own device trend provides tremendous benefits to all students, staff and guests on campus, but the security concerns regarding the latest mobile threats had prevented us from fully committing to eduroam in the past,”  said Sean Ashford, network and system manager at The University of Winchester.  “Bradford Networks’ Network Sentry instantly took away all the problems and makes it all very simple. Now we fully support eduroam and offer the convenience of instant wireless access to visiting students and staff, while protecting unauthorized access to sensitive data and reducing security risks.”

Benefits of Network Sentry’s support for eduroam include:

• Simplifies the management effort of the eduroam access service;
• Requires only a single wireless SSID for all users – both eduroam guest users and domain users;
• Visiting eduroam users simply log in using their own eduroam credentials to gain immediate access to the Internet without requiring any additional registration;
• Significantly reduces the number of calls to the IT help desk through easy onboarding and remediation processes.

The University of Winchester purchased and deployed Network Sentry in 2012 through Bradford Networks’ UK reseller, Khipu Networks. With 7,000 students, each bringing an average of 2-4 devices, the University uses Network Sentry for visibility and control of wireless network access for its local domain users as well as for visiting eduroam users. Network Sentry provisions network access based on pre-defined policies and ensures that mobile devices are compliant before joining the network. Non-compliant devices are automatically quarantined and users are guided through steps for remediation. Since the deployment of Network Sentry, the University of Winchester’s  IT department has seen a considerable decrease in the number of calls to the help desk, freeing up valuable time and resources for other projects, and a significant improvement in student satisfaction with wireless connectivity.

“eduroam is a fast growing international standard that adds prestige to participating institutions,” said Tom Murphy, CMO, Bradford Networks. “As the go-to NAC solution for educational institutions, we stay at the forefront of innovation to support the needs of our customers. With Network Sentry, institutions can now easily adopt and support eduroam without sacrificing network security. ”

eduroam is now available over 60 countries worldwide, including: Andorra, Armenia, Australia, Austria, Azerbaijan, Belarus, Belgium, Brazil, Bulgaria, Canada, Chile, Croatia, Cyprus, Czech Republic, Denmark,  Estonia, Finland, France, Germany, Greece, Hong Kong, Hungary, Iceland, Ireland, Israel, Italy, Japan, Kenya, Korea, Kyrgyzstan, Latvia, Lithuania, Luxembourg, Macau, Macedonia, Malta, Moldova, Montenegro, Morocco, The Netherlands, New Zealand, Norway, Peru, Poland, Portugal, Romania, Russia, Serbia, Singapore, Slovenia, Slovakia, South Africa, Spain, Sweden, Switzerland, Republic of China, Thailand, Turkey, United Kingdom, United States of America.

For more information on eduroam, please visit: https://www.eduroam.org.

About Bradford Networks

Bradford Networks offers the best solution to enable secure network access for corporate issued and personal mobile devices. The company’s patented Network Sentry solution is the first network security offering that can automatically identify all devices and all users on a network, providing complete visibility and control. Unlike vendor-specific network security products, Network Sentry provides a view across all brands of network equipment and connecting devices eliminating the network blind spots that can introduce risk.  Network Sentry is used by more than 900 enterprise customers worldwide in markets such as healthcare, financial services, retail, government, education and more. For more information, please visit www.bradfordnetworks.com.

About Khipu Networks

Khipu Networks is a Cyber Security solutions provider that has a large presence within the education sector, providing network access, visibility and control solutions. With over 10 years’ experience and 400+ education customer deployments, we have specialist expertise in meeting the challenges when providing an open, flexible but secure network environment to students, staff and visitors. Khipu was recently recognized as the 2012 International Partner of the Year by Bradford Networks.

Cambridge, Mass., May 7, 2013— Bradford Networks™, the best choice to secure network access for BYOD, and Brocade® (NASDAQ: BRCD), a leader in networking solutions, today announced a strategic partnership and an integrated bring-your-own-device (BYOD) security solution. The solution utilizes Bradford Networks’ patented Network Sentry solution to provide customers with secure network access control (NAC) across the Brocade wired and wireless HyperEdge™ Architecture.

“We are a long-time customer of both Bradford and Brocade. As the volume of personal and corporate-owned devices connecting to our network continues to grow, we need integrated offerings that can address the new security and scalability challenges of ensuring BYOD across our campus,” said Greg Schuman, network analyst, Franklin & Marshall College. “The partnership and integrated solution between Bradford Networks and Brocade will allow users on the Franklin & Marshall College network to become more securely and better connected, which has the potential to increase productivity.”

The recently announced Brocade HyperEdge Architecture automates and simplifies the campus network, creating a holistic wireless and wired infrastructure that enables organizations to harness the productivity gains and competitive edge that mobility cloud-enabled services and applications offer. It delivers a campus environment that quickly and easily scales and responds to the demands of increased user mobility, while delivering instant access to services and applications, at a low total cost of ownership. Bradford Networks’ Network Sentry NAC solution automatically identifies and profiles all devices and all users connecting to the HyperEdge Architecture—providing complete visibility into who, what, where, and when someone connects to the Brocade network—and then provisions network access based on pre-defined security policies.

The Brocade HyperEdge Architecture and Bradford Networks’ Network Sentry solution work seamlessly together to provide easy connectivity for personal and corporate devices while safeguarding access to corporate assets and ensuring a high-quality user experience.

Key benefits and features of the integrated secure BYOD solution include:

• Delivers enterprise-wide network visibility and access control of all devices connecting to the  Brocade infrastructure (wired, wireless, or VPN)
• Works seamlessly with the HyperEdge Architecture Distributed Access Point Forwarding technology to ensure a secure high-quality mobile user experience
• Provides automated profiling of user device type and risk posture ensuring a high-quality and safe user experience
• Enables dynamic provisioning and enforcement of security policies on the existing and new Brocade network equipment
• Leverages the command and control of the HyperEdge Architecture to protect intellectual property and critical infrastructure from unauthorized use
• Automates security operations and guided remediation of users and devices not meeting the default requirements for joining the network

“The explosion of BYOD and mobility makes secure, high-quality mobile user connectivity vastly more complicated. The disparate silos of security technologies and wired or wireless network connectivity are not sufficient to meet this challenge,” said Siva Valliappan, senior director, campus product management, Brocade. “Our partnership with Bradford Networks combines best of class solutions for security and network infrastructure to deliver visibility and control over every single connection to our customers’ networks while ensuring a high-quality user experience.”

The integrated Bradford Networks and Brocade solution utilizes Bradford Networks’ recently announced Network Sentry SmartEdge Platform™. The Network Sentry SmartEdge Platform is an open Application Programmer Interface (API) that enables industry-leading security, mobility management, and wired/wireless vendors to integrate with Network Sentry to extend and enhance BYOD visibility, control, and remediation out to the very edge of customers’ networks.

“We are very pleased to partner with Brocade. Brocade is the latest vendor to join our SmartEdge ecosystem of leading technology partners that are integrating with Bradford Networks to deliver complete and secure solutions for BYOD,” said Tom Murphy, CMO, Bradford Networks. “Many organizations are embracing the benefits of providing consistent and reliable connectivity for personal devices, but they also want to protect corporate assets from unauthorized access while keeping users productive. The integration provides a seamless solution that utilizes best of breed products to deliver a simple and secure BYOD strategy while ensuring a positive end-user experience.”

About Bradford Networks

Bradford Networks offers the best solution to enable secure network access for corporate issued and personal mobile devices. The company’s patented Network Sentry solution is the first network security offering that can automatically identify all devices and all users on a network, providing complete visibility and control. Unlike vendor-specific network security products, Network Sentry provides a view across all brands of network equipment and connecting devices eliminating the network blind spots that can introduce risk.  Network Sentry is used by more than 900 enterprise customers worldwide in markets such as healthcare, financial services, retail, government, education and more. For more information, please visit www.bradfordnetworks.com.

In last week’s blog post we talked about the benefits of enabling students to register their devices remotely before they even leave home for school.

In this post we have created a checklist that will help you prepare for BYOD while balancing the between securing the network and enabling productivity:

1. Conduct an in-depth analysis of your network visibility and security

• How much visibility do you currently have into who and what is connecting to the network?
• Can you identify the types of endpoint devices that are connecting, as well as who is using those devices to connect to the network?

2. Create or update your BYOD policy

• Decide which devices you will support (iPads, smartphones, PlayStations, Xbox, IPTV etc.)
• Determine which operating systems you will support, and which AV software you will require (and their versions). Allow at least one “free” antivirus option whenever possible.
• Decide whether you will prohibit or restrict any specific applications (such as Peer-2-Peer music sharing)
• Determine the different role-base access policies needed for faculty, staff and students
• Determine remediation policies – such as isolation, limited access
• Keep the process simple – remember that students get frustrated easily

 3.  Implement in phases

• Start with problem areas that are high risk
• Expand into other areas

 4.  Provide a solution for guests

• Make guest access easy to find and connect
• Limit guest access (network and bandwidth) or guest networks may become overused and overloaded

 5.   Communicate the policy

• Keep it simple:  the fewer words the better
• Make sure all stakeholders know the policy requirements
• Offer assistance (give them a supervised place to go when they get frustrated)
• Let them know you are just ensuring compliance

One of the most important things to remember is that you can’t just set up your policy based on a snapshot of security risks and student/faculty needs at a single point in time. BYOD is an on-going process: You must continuously check for the changing needs of users, and modify your policy accordingly. Using the right technology solution is a key factor in ensuring your policy is up-to-date and network access is automatically managed. Network access control gives your IT department the ability to manage and secure the BYOD tsunami, while enabling students and faculty to take education beyond the classroom walls–a win-win for IT and education.

This time is going to be upon you sooner than you thought — the start of the next academic year — the greatest and worst time of the year when students return to campus by the hundreds or thousands to make your life miserable with their complaints that they can’t get on the wireless, the network is slow, they are stuck in an endless registration line and they have ten devices to register still.

What is a network administrator to do?  Luckily, Bradford Networks’ Network Sentry has a unique feature called Remote Registration that offloads and optimizes the student on-boarding process. Through a Captive Portal, you can provide your students the ability to register all their devices from the comfort of their homes, even before they set out for school at the start of a new semester.

So, how does it work? After configuring the Captive Portal in Network Sentry, you simply email the Remote Registration URL information to all students prior to their arrival on campus.  Students can click on the Remote Registration page on each device they intend to bring with them to campus and follow the easy instructions to enter their username and password (conveniently provided in the same packet as the Remote Registration information).

In addition to registering student devices you can also require that these devices be scanned to meet your campus security policies.  The same posture scans you have created to be used on campus can be used to scan devices registering remotely.  This will ensure that your network continues to be a safe haven for all connected devices while introducing new students to the requirements for anti-virus/anti-spyware and patching their operating system on a regular basis.

Network Sentry’s Remote Registration feature is not just for student device on-boarding.  If you are hosting a conference or seminar you can have all attendees pre-register their device(s) prior to attending the event.  The same for visiting professors, or faculty or distinguished speakers at school events like graduation.

Network Sentry was created and tested to meet the demanding needs of Bradford Network’s education customers and has gone on to address the needs of our enterprise customers as well, but you never forget where you started.

Now get back out there and resume your leisurely stroll across campus, secure in the knowledge that “You’ve got this”.

On May 7, Bradford Networks will be presenting a webinar on “The BYOD invasion of 2014: Will you be ready?” This webinar will highlight key issues that education institutions need think about when preparing for the onslaught of students and their devices at the beginning of the academic year. Click here for more details and to register.

The solution has reduced a 4 – 6 hour manual process to five minutes without sacrificing security or accountability. It’s another example of the power of Network Sentry, providing visibility and access control to solve a wide variety of problems for both wireless and wired networks.

Setting the Stage
The film company provides facilities for numerous production companies that come on-site to shoot commercials, movies, TV shows, and other projects. They’re recording video and audio, they’re editing, they’re writing scripts, they’re reviewing and collaborating—and for all that activity, they need a network. They go to the room where they’ve been assigned and unpack their equipment—their desktop computers, printers, and other devices. They look for network ports to plug in the cables and find there aren’t enough to go around. Now what?

The answer is to install a workgroup switch that plugs into the jack and provides the extra ports needed for their equipment. But it’s not as simple as buying a LinkSys hub from Best Buy to connect more devices to your home network. These devices need to be managed—to make sure they’re assigned to the right network resources and not eavesdropping on other production companies. That’s where Network Sentry comes in handy.

Before: A Cumbersome, Manual Process
The help desk would get an urgent call from the production company, which would write a trouble ticket and send it to the Network Engineering group. Someone from Network Engineering would pull a workgroup switch from inventory and bring it to the production company’s location to see where (the building, room and port) it could be plugged in.

Additionally, behind the scenes in the data center Network Engineering had to manually configure the selected port to the appropriate VLAN, and modify the port configuration to support the required number of devices that were connected the switch.

This cumbersome process could take 4 – 6 hours or longer, especially when the engineering team is busy servicing multiple groups. During that time, the production company is sitting idle, wasting time and money.

Now: Fully Automated Process
When the production company needs to connect additional devices, they call the help desk. Instead of writing a ticket, they log into Network Sentry and assign a role to the workgroup switch that matches the role assigned to the production company. For example if Production Company #3 requests a switch, the Help Desk assigns it to the ProCo3 role. Total elapsed time: about 30 seconds.

The help desk gives the switch to the production company and tells them to plug it in anywhere in the room or building where they are assigned. When they plug in the switch, Network Sentry detects it immediately by its unique characteristics, recognizes that the switch is assigned to the ProCo3 role, and increases the number of “allowed devices” on that port. It will also automatically assign any additional devices that connect to the VLAN associated to the ProCo3 role. And Voila! All the work that the network engineering team previously had to do manually now happens automatically so the production company can plug in their equipment and get to work within a few minutes.

When the production company’s work is done, they simply unplug the workgroup switch and return it to the help desk. Network Sentry detects when the switch disconnects from the network and automatically reconfigures the port to its original state for use by the next production company that comes in and needs network access.

There’s one more important piece. Network Sentry keeps track of how many devices and what type of devices the production company connected to the network, and for how long. At the end of the production company’s contract, the film company can generate a report for ProCo3, showing that they had nn devices on the network, along with an itemized list of each MAC address, IP address, device type, location and connect/disconnect times, which they can use to generate a bill.

Another Network Problem Solved
The solution greatly simplifies the temporary on-boarding of managed network devices, with Network Sentry providing automated security, access control and accountability behind the scenes. For our customer, it’s a significant advancement. The network engineer was eager to share the results with his colleagues, and reiterated, “No other vendor has anything close to this”.

InfoSec World Expo and Conference, Orlando, FL., Booth #104, April 15, 2013— Bradford Networks™, the best choice to secure network access for BYOD, today announced its participation in the InfoSec World Expo and Conference. During the conference Bradford Networks’ Founder and CTO, Frank Andrus, will present a session on the evolving network threats introduced by bring-your-own-device (BYOD), and will provide recommendations on how to address them.  In addition, Bradford Networks will demonstrate its award-winning network access control (NAC) solution, Network Sentry, in booth #104 at the InfoSec World Expo, April 15-16 at the Walt Disney World Swan & Dolphin, Orlando, FL.

Who:                     Frank Andrus, founder and chief technology officer, Bradford Networks

What:                   “Network Security in the Era of ’Consumerization of IT’”

BYOD, while beneficial for employee productivity, increases the threat vectors on the corporate network by order of magnitude. In order to keep the network and access to corporate assets secure, IT must have visibility and control over who and what is accessing their network at all times. In this session, Bradford Networks’ CTO Frank Andrus will explore the security challenges introduced by personal mobile devices and provide best practices on how to address them.

Session attendees will:

• Hear real-world examples of how organizations are ensuring secure BYOD
• Discover how organizations gain better visibility into who and what is accessing their networks
• Address  the access control and compliance challenges organizations face
• Understand the new controls companies need to deploy to ensure their networks are secure from new threats
• Learn how to maintain a secure IT infrastructure while managing the needs and demands of an expanding workforce

When:                  Tuesday, April 16 from 9:45 – 10:45 a.m.

Where:                Walt Disney World Swan & Dolphin, Orlando, FL

For more information on InfoSec World 2013, please visit the event website at http://www.misti.com/default.asp?page=65&Return=70&ProductID=5539&LS=infosecworld.

About Bradford Networks 

Bradford Networks offers the best solution to enable secure network access for corporate issued and personal mobile devices. The company’s flexible Network Sentry solution is the first network security offering that can automatically identify all devices and all users on a network, providing complete visibility and control. Unlike vendor-specific network security products, Network Sentry provides a view across all brands of network equipment and connecting devices eliminating the network blind spots that can introduce risk.  Network Sentry is now used by more than 900 enterprise customers worldwide in markets such as healthcare, financial services, retail, government, education and more. For more information, please visit www.bradfordnetworks.com.

BYOD increases the number of potential threats exponentially. Here’s why: If people are bringing their own devices onto an enterprise network, the chances are they’re bringing not just one device, but two, three or more. Instead of a one-to-one ratio, you may have one employee to three devices, in which increases the potential attack vector by orders of magnitude. (This ratio can get more extreme. We do lots of work with colleges and universities, and know of one student who brought fourteen personal mobile devices to campus, which all have to be tracked, managed and secured.)

This onslaught of personal devices makes it virtually impossible for IT staff to take action manually when a device threatens your network and our business. When your firewall or other threat detection software detect a security breach at a particular IP address, you currently need to physically track down who is responsible and tell them to get their device off the network. But when you have thousands of personal devices on your network, simply knowing the IP address isn’t much comfort, because it’s impractical to track, manage and secure them manually.

In a BYOD setting – where people are bringing in all sorts of devices on a massive scale – security software (which could be software you already have) and network access control (NAC) need to work together. When the firewall, IDS/IPS or other threat detection software detects a security breach at a particular IP address, the NAC software should be able to automatically identify the compromised device, isolate it (or send it to a safe guest network), and send an alert to the user. Depending on the type of threat and your security policy, it could even direct the user to take other remedial action.

As you can see, secure BYOD is all about assembling building blocks that can work together automatically: to detect the threats, identify the device and provide remediation. The ability to automatically correlate information from different technologies and take action according to your security policy is the “secret sauce” that allows end users to bring in as many personal devices as they want without compromising security.

Making it work is easier than you might think. Our recently released Network Sentry SmartEdge platform provides an open API that seamlessly – and centrally –  integrates our network access control solutions with security software, such as FireEye, Fortinet, Palo Alto Networks, mobility applications, such as AirWatch and MobileIron, and network infrastructure vendors including Aerohive, Brocade, HP, Meru, Ruckuss Networks and Xirrus. With SmartEdge, you can use software from your preferred/existing vendors to create a secure, integrated and automated BYOD solution that’s appropriate for your environment.

SmartEdge provides the foundation for an integrated BYOD ecosystem that can be easily tailored to address your specific BYOD strategies, challenges and infrastructures. It’s all about seamless automation, providing visibility and control across the network so you enable secure BYOD with confidence.

One recent example is Samsung KNOX, a product that creates two containers, one for enterprise and one for personal use. If you want to use the enterprise container, you need to VPN into the corporate network to access any applications running there. In theory, all work you do within the enterprise container stays in the enterprise container. If you’re using your personal container, the corporate network is off limits.

KNOX is a great solution for controlling and managing the device if you’re at home or at a hotspot at your local Starbucks. But it can’t control network access in a BYOD setting like a corporate or hospital wi-fi network. If you bring your smartphone, tablet or other personal device to work, you can simply type in your user name and password, and your device is logged into the company network. Even with KNOX, there’s nothing to stop you from accessing enterprise files and downloading them to your personal container or folder.

Companies that allow BYOD need to manage its risks. They need to ensure that the proper user with an approved device has appropriate access to the corporate network. Many companies deploy Mobile Device Management (MDM) software to address this issue, but then find that MDM doesn’t actually solve this problem, it solves a different one: MDM looks at what’s on the mobile device itself, and gives IT control over the data and applications on that device. MDM software performs a vital role – it makes sure that the software and data on the device are safe, and can wipe a device if it gets stolen or lost. But MDM doesn’t give IT the ability to determine whether to allow a certain device to connect to the network and how much access to give it.

We see this misconception time and again – a company will deploy MDM software but then realize that they’ve only addressed part of the problem, because employees can still log onto the network with their devices, and the MDM software can’t stop them or even detect that they’re doing it. Moreover, MDM can only manage devices that have the MDM agent installed. If an employee brings in a personal device that does not have the MDM agent installed, the MDM server and therefore the company are blind to that device.

Thus just relying on MDM is like putting the cart before the horse – that’s the message we’re hearing from customers and partners– something is missing.

In order to protect your network and your organization, and effectively manage BYOD risk you first need to know what’s really happening on your network, and then you need to control the physical access of each and every device. That’s the job of Network Access Control (NAC). With this visibility and control you should then layer MDM on top to automatically enforce your policies on the devices themselves. Here’s the sequence you need to follow:

1. Use NAC to get visibility into who is accessing your network and what devices they are using.
2. Create policies based on this information, specifying who can access the network, what device(s) they can use, and what software is appropriate for the device.
3. Deploy an MDM solution that includes seamless integration with NAC, to manage the mobile device software and applications according to these policies
4. Utilize NAC to check whether the device is enrolled and managed by the MDM solution, and then provision network access based on the pre-defined policies for each scenario – who the user is, what device is he/she is using, whether the device is managed or unmanaged, the location of the user and time of day.

KNOX can provide employees with secure corporate access from home, but a secure BYOD solution at work needs to integrate NAC with MDM, as well as other security solutions including firewalls , IPS and other threat protections products. Together, they deliver a BYOD Blueprint that ensures full visibility, control and protection of the corporate network and assets, and the mobile devices using it in this era of IT consumerization.

CAMBRIDGE, Mass.– March 18, 2013 — Bradford Networks, the best choice to enable secure network access for corporate issued and personal mobile devices, and FireEye^®, Inc., the leader in stopping today’s new breed of cyber attacks, today announced the technical integration of their product offerings. Through this integration, FireEye and Bradford will offer a bring-your-own-device (BYOD) security solution to provide organizations with advanced quarantining options of corporate-issued and personal mobile devices infected with stealthy Web and email threats.

“BYOD can greatly increase productivity, reduce costs, and drive employee satisfaction, but with it comes additional security risks. The combination of Bradford Networks’ solution and the FireEye platform will greatly increase an organization’s ability to deal with the risks introduced to the network by endpoints that have been compromised by today’s new breed of cyber attacks,” said Manish Gupta, senior vice president of products at FireEye. “The FireEye integration with Bradford Networks is indicative of our commitment to continually serving the evolving needs of today’s businesses as they embrace new security technologies for efficiency and collaboration.”

The FireEye platform unifies many security technologies to help enterprises modernize their security strategies, helping to stop today’s new breed of cyber attacks, such as zero-day and advanced persistent threat (APT) attacks that bypass traditional defenses and compromise more than 95 percent of networks. It is a cross-enterprise, signature-less protection platform designed to secure across attack vectors and across every stage of an attack life cycle, from exploit to exfiltration. Bradford Networks’ network access control (NAC) solution automatically identifies and profiles all devices and all users on a network—providing complete visibility into who, what, where, and when someone connects to the network—and then provisions network access based on pre-defined security policies.

Bradford Networks ensures that connecting devices comply with the company’s security configuration policies, while the FireEye platform is designed to ensure the devices are not infected with today’s new breed of cyber attacks, such as zero-day threats and APT attacks. Together, the integrated solutions offer rapid isolation of systems and users in the event of a zero-day attack or off-premise APT attack. FireEye identifies an infected system and blocks any malware outbound transmissions to neutralize the cyber attack. In conjunction, Bradford is alerted to the affected end system(s) so that it can enforce advanced isolation policies to mitigate the spread of malware within the network. Bradford Networks automatically applies the company’s pre-defined policy to remediate the problem, such as isolating the device at the edge of the network and blocking all communications to the IP address.

Key benefits and features of the integrated Bradford Networks and FireEye solution include:

• Automated, rapid response—automatically correlates user, device, and location information with newly or previously infected device’s IP address for immediate detection and remediation
• Auto-quarantine—automatically removes or isolates non-compliant or infected devices from the production network
• Reduced Total Cost of Ownership (TCO) —increases security by automatically discovering all infected mobile devices on the network and enforcing security access policies based on user and device profiles to cut IT management overhead

“More and more companies are investing in BYOD solutions to provide employees with the flexibility to use personal devices on the corporate network. We are very pleased to integrate with FireEye to jointly deliver a comprehensive security solution that addresses the Web threat vectors on mobile devices” said Vincent Ma, vice president of business development, Bradford Networks. “This partnership with FireEye adds another key industry player to our BYOD technology ecosystem, which combines the benefits of mobility, security, and MDM solutions with NAC to address customers’ unique BYOD strategies.”

About FireEye, Inc.

FireEye^® has pioneered the next generation of threat protection to help organizations protect themselves from being compromised. Cyber attacks have become much more sophisticated and are now easily bypassing traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways, compromising the majority of enterprise networks. The FireEye platform supplements these legacy defenses with a new model of security to protect against the new breed of cyber attacks. The unique FireEye platform provides the industry’s only cross-enterprise threat protection fabric to dynamically identify and block cyber attacks in real time. The core of the FireEye platform is a signature-less, virtualized detection engine and a cloud-based threat intelligence network, which help organizations protect their assets across all major threat vectors, including Web, email, mobile, and file-based cyber attacks. The FireEye platform is deployed in over 40 countries and more than 1,000 customers and partners, including over 25 percent of the Fortune 100.

About Bradford Networks

Bradford Networks offers the best solution to enable secure network access for corporate issued and personal mobile devices. The company’s flexible platform is the first network security offering that can automatically identify and profile all devices and all users on a network, providing complete visibility and control. Unlike vendor-specific network security products, Bradford Networks provides a view across all brands of network equipment and connecting devices eliminating the network blind spots that can introduce risk. Bradford Networks is now used by more than 900 enterprise customers worldwide in markets such as healthcare, financial services, retail, government, education and more. For more information, please visit www.bradfordnetworks.com.

I saw this interest firsthand in my discussions with healthcare related CIOs, CSO’s and IT and IT security professionals. They know the many benefits of BYOD in a healthcare setting including the convenience and employee and patient satisfaction for caregivers, as well cost savings for the healthcare facilities. But they also know there can be serious information security and compliance risks when individuals use their personal devices to access applications or networks that contain patient or employee non public personal information (NPPI) including healthcare or financial related data.

While at HIMSS, I had the opportunity to present a conference session on the key BYOD risks and security challenges and how they can be effectivel addressed. In this session I covered:

• Key privacy and security concerns that hospitals and other healthcare organizations need to understand when implementing a BYOD strategy
• When BYOD makes sense and when it does not based on those concerns
• Proven concepts and techniques to address risk and security concerns to allow BYOD to be part of a healthcare organization’s IT strategy

On March 19, I’ll be examining these issues in a webinar conversation with Tom Murphy, Chief marketing Officer at Bradford Networks. Tom and I will discuss the security risks inherent to BYOD, common misconceptions, and practical solutions for a healthcare environment. A question and answer session will follow. Based on my experience at HIMSS, it should be a good one!

This is a great opportunity to learn about secure BYOD in healthcare, and how to make it work for your facility or organization. We hope you’ll join us.

John Pironti is a leading authority on information risk management and security strategy. He is a published author and writer, often quoted by global media, and is an award winning speaker on information risk management and security topics. He is President of IP Architects, LLC (www.iparchitects.com).