With the increasing use of mobile phones, tablets and other mobile applications, the lines between work and personal have become blurred. Many employees, not just remote employees, are checking email across multiple, synced devices. As more applications move to the cloud, companies will be updating their processes and policies to accommodate these changes; affecting the way they conduct their business.
As a result, many companies are moving to a “Bring Your Own Device” or BYOD environment. It’s a policy that many companies are implementing to allow employees bring their own devices into the office.
For many, the question becomes, “why would I want a BYOD environment?” What are the benefits to implementing it? From the employee’s perspective, you get to use devices that you are already using and familiar with; eliminating the need to carry two laptops (personal and work) and multiple phones. This can be especially helpful for remote employees and those that travel frequently and work from their phones and tablets. Companies see it as a significant cost savings by not spending money on equipment purchases; opting instead to provide more technical support. So, if you’d normally be buying and supporting 1,000 tablets, using that same budget, you could support 2,745 tablets that are owned by your employees. This can be a big win for smaller companies that struggle to keep up with the need for new equipment and costly updates.
Ensuring Network Integrity with Employee Devices (BYOD)
- Educate and Train: With BYOD, a lot of responsibility is placed on individual employees. While personal security measures may seem simple, when dealing with a company’s sensitive records, it’s important to train employees on proper and improper security protocols. Training should focus on employee do's and don'ts that could expose the company to increased risk. Examples could include tutorials on downloading the latest anti-virus software and awareness on the dangers of clicking on links from unverified parties. Proper practices will reduce threats to the company while increasing employee knowledge on good security practices that also can be exercised in their personal lives.
- Up-to-Date Security Policies: Prior to launching a BYOD environment, make sure your policies have been updated to accommodate these new procedures and that they clearly identify the proper processes to protect the company’s data. Also, having up-to-date, clear policies in a centralized location can help eliminate ambiguity people may have regarding security best practices as well as reinforce any security-related training they may have had. Having a centralized learning hub encourages employees to refer back to established practices whenever they’re not sure of what to do. Clearly communicate all changes, new processes, and the location of this documentation across the company.
As time goes on, technologies and their environments change. Company policies and training should reflect those changes. What was once the best security measure can quickly become obsolete. Updates are vital to stay on top of the new threats and vulnerabilities that evolve with the technology.
- Mobile Device Management: With people using their personal devices for work, there’s the risk that devices could get lost. What do you do when a device with sensitive company data on it is lost or stolen? One option is to utilize a Mobile Device Management system, or MDM, that lets you track the device and set policies. These policies can range from password to virus protection protocols or login tracking that monitors failed login attempts and disables the device after a certain number of failed entries. For example, the Microsoft Intune portal is an admin app used by many companies. It provides as an easy way to set protocols on employee-owned devices. It also can be used to manage access to corporate resources; letting you securely access those resources.
Ensuring Network Integrity with Pre-Selected Device Options (CYOD)
- Choosing Your Own Device: Don’t think BYOD is a good fit for you and your company? Then a CYOD policy may be the best option. With CYOD, or “Choosing Your Own Device,” the company provides employees with a shortlist of approved devices from which they can choose. These devices can be company-issued, employee-owned, or a mix of both. This still allows employees the ability to use devices with which they are familiar, while allowing for increased security. Instead of managing a broad array of unique devices, each having their own vulnerabilities, limiting devices reduces the number of vulnerabilities.
Effective BYOD requires clearly stated and up-to-date policies, training on those policies and the proper technology to ensure the security of company networks. Tech Data has the knowledge, expertise and resources to help. Basic security awareness can start with these online resources. For additional information, Tech Data Partners can log into LevelUp, our partner resource website or by contact their security account manager.
About the Author
Divya Prabakaran is an intern with the security team at Tech Data. She is currently pursuing a bachelor’s degree in Cybersecurity at the University of South Florida. When she’s not writing security blogs or doing schoolwork, she can be found in her kitchen baking and taste-testing her new recipes.