This work-anywhere employee perk can become a security nightmare for IT without a strong BYOD policy
Many organizations have found that allowing employees to use their own devices at work leads to increased satisfaction, greater responsiveness and better accessibility to workers. While this is all good news for employees, it creates a challenge for IT personnel who are tasked with allowing employee owned devices without compromising the safety and security of their companyâs data and infrastructure.
More Stringent Policies Needed With BYOD
Gartner predicts that by 2018, the number of employee-owned devices used for work will be double the number of company-owned devices. Yet a 2014 security report published by Check Point Software indicates that most companies struggle to securely manage employee-owned devices. A staggering 95% of the 700 IT professionals surveyed indicated that developing and supporting a BYOD was a struggle in their organization.
Significant problems can arise when allowing employees to use their devices for both corporate and personal use. While most corporate owned devices use disk encryption and authentication methods to protect devices and data, BYOD smartphones and tablets often donât have these extra layers of security in place.
Guidelines for Crafting BYOD Policies
Use these guidelines to ensure your organization is ready to handle the security threats that BYOD policies may introduce in your workplace.
- Determine which devices are allowed to which employees
One of the most important components of any BYOD framework is identifying and communicating the types of devices that your company is planning to support. Who will be allowed to use their personal devices? Which devices will you support? For example, you may support either iOS, Android or both. These questions are incredibly important because the answers will ensure your employees understand what type of devices will be supported on the corporate network.
- Establish a robust security policy across devices
When users operate their personal devices, they will often avoid using any type of password or lock screen, which can introduce major security vulnerabilities. Even if employees argue against these security measures, itâs important that your IT team stay vigilant to ensure employees are following through with implementing this additional layer of security.
- Identify what apps you will allow
With new mobile apps being released on a daily basis, employers must ensure theyâre staying up to date on which apps will be allowed on employee owned devices. List which applications are required to be on employee-owned devices. Also consider which apps should be prohibited for security reasons.
- Determine who owns what data and apps
When your employees choose to use personal devices for work related tasks, they will obviously have certain data and apps that are not related to your company. The complications with this approach usually arise when a device is lost or stolen and therefore needs to be wiped clean remotely. In these instances you want to have a strict policy as to how this situation is handled. If your policy is that all devices that are lost or stolen are wiped clean, youâll want to ensure your employees understand the ramifications of losing personal data.
You should consider MDM (mobile device management) software, which will allow you to destroy all company data while leaving personal data intact. It can also be used to restore factory settings, which will wipe both personal and company data from the device, or even to wipe out the entire contents of the device, which will render it completely useless.
- Have an employee exit strategy
With employees using personal devices at work, itâs important to also have a policy in place that addresses the issues that will arise when someone leaves the company entirely. Some companies merely shut off access to email and synchronization services while others require a full wipe of a BYOD-enabled device. Whatever policy suits your company, make sure that your employees are aware of how it will affect them if they leave the company.
BYOD Policies Need to be Flexible
As technology evolves, your companyâs BYOD policies will need to evolve as well. Creating a framework for your BYOD policy, youâll be able to better control your private information and respond to changing security requirements based on emerging trends. For help establishing a robust framework and BYOD policy, request a consultation with our mobility experts today.
- February 2019 (1)
- September 2018 (1)
- August 2018 (2)
- July 2018 (2)
- June 2018 (3)
- May 2018 (2)
- April 2018 (1)
- March 2018 (2)
- February 2018 (2)
- January 2018 (1)
- December 2017 (1)
- November 2017 (2)
- October 2017 (2)
- September 2017 (2)
- August 2017 (2)
- July 2017 (2)
- June 2017 (1)
- May 2017 (3)
- April 2017 (1)
- March 2017 (3)
- February 2017 (2)
- January 2017 (3)
- December 2016 (2)
- November 2016 (2)
- October 2016 (3)
- September 2016 (1)
- July 2016 (1)
- June 2016 (3)
- May 2016 (2)
- April 2016 (5)
- March 2016 (2)
- February 2016 (1)
- January 2016 (4)
- December 2015 (5)
- November 2015 (5)
- October 2015 (5)
- September 2015 (4)