. Inventory authorized and unauthorized devices

You can’t create and implement a network access policy in a vacuum. Before setting up controls to enforce your network access policies, you need to conduct a reality check to see what devices are currently on the network and who is using them. In the past, inventorying all the devices on a complex corporate, hospital

or university network could take months or even years. This information is now available in real-time, providing IT with complete visibility and control of all devices on the network (including previously unknown devices). By providing an accurate view into what devices are currently using the network, the inventory will help you make sure the access

policy you have defined is sound, and in line with employee preferences and requirements. You can then use that information to fine-tune the BYOD policy if necessary before starting to enforce it in Step 9  8. Inventory authorized and unauthorized users You’ll also need to inventory all users (known and unknown) who are currently accessing your network, and what devices they’re using. This is where, for example, an IT administrator will discover that a group of doctors are using iPads because they can be sterilized, even if the policy dictates they should be using Blackberrys. (Yes, it has happened!) Steps 7 and 8 give us a complete view into the current BYOD environment: what devices are accessing the network, who owns them, what company applications they’re accessing, and what personal applications are running on their device (including apps with vulnerabilities that could