"Employees using their own devices could cause the network to be vulnerable. But nevertheless IT managers must at all times be able to guarantee bandwidth to critical applications while limiting undesired or dangerous traffic."
The good news is that implementing a BYOD policy doesn't require a complete redesign of an organisation's IT infrastructure.
"Many vendors and solutions providers have started to address these challenges and build a framework around them," says Hani Nofal, Director of Intelligent Network Solutions, GBM.
"By making sure that personal devices meet certain security standards such as Wi-Fi security, VPN access, and perhaps add-on software to protect against malware, a high level of security can be guaranteed."
Bulent Teksoz, Chief Security Strategist, Emerging Markets, Symantec, agrees, but says businesses should prioritise educating employees about mobile threats and protecting business-critical information that employees are accessing remotely.
"Businesses can use mobile device management (MDM) and mobile application management (MAM) tools to help maintain an inventory of the devices connecting to company resources and also make sure employees are adhering to policies. Reputable MDM tools also allow businesses to ensure both personal and company-owned mobile devices are wiped of business information if an employee leaves the company or a device is lost or stolen," he adds.
While a complete network overhaul is not required, the big question does remain -- how much of an investment does it require to implement a secure BYOD infrastructure?
This is of course not possible to answer without knowing the exact details of each individual company, and as such the solution can vary considerably from case to case.
"This entirely depends on the starting point," says Mikael Hansson, Head of Delivery Management, Middle East, Ericsson. "The current status of the IT infrastructure will determine whether any company is in for a large investment or a relatively small one.
"Large companies with high internal and external requirements on information security, evolving from customer requirements, like SOX, tend to have a relatively robust IT infrastructure, which then would result in relatively marginal IT investments to secure the infrastructure for BYOD. Other companies might face considerably larger investments."
The main investments will be in extending corporate infrastructure, as well as operation costs, adds Alexander Zarovsky, Head of International Business Development, InfoWatch.
"To create a secure BYOD network," he says, "the organisation needs to expand its staff for proper administration of these devices within the network, which requires extra investments.
"There's also the up-skilling and -scaling of support personnel and network engineers, plus spend on applications to support things like performance monitoring and security tools. We estimate the extension volume to be around 20 to 30 percent for infrastructure."
Sign up for MIS Asia eNewsletters.