Do you know how many devices are connected to your business’ network at any given time? A few decades ago, it would have been easy to check – just count the number of computers in your office, ask anybody if they’ve brought a laptop with them, and there’s your answer. But in today’s Bring-Your-Own-Device (BYOD) culture, coupled with the ubiquity of wireless networks in personal and professional life, determining how many devices you’re hosting is decidedly more complex. Combined with the global nature of business today and the fact that many enterprise networks occupy vast geographical territories, inadequate device management can become a major threat to network security.
In this article, we’ll take a look at some best practices for BYOD policy management, and how effective security measures can boost your business’ productivity whilst creating a safe environment.
BYOD culture isn’t going anywhere soon
There’s no way of getting around it: BYOD culture is an intrinsic part of the modern world. Technology has broken into the mainstream to such an extent that just about anybody, of any age or cultural background, is likely to make daily use of at least one internet-enabled device. Allowing users the freedom to bring their own devices to work is becoming an expectation in today’s workplace, but it’s crucial to manage this against the potential risk to data security that comes with it.
Dave Martin, Vice-President and CSO at EMC Corporation, elaborates in an interview with TechTarget: “Disallowing BYODs just pushes them underground where you lose visibility. I’d rather see BYODs and deal forensically with risks than try to convince myself that I can block them outright. Experience has shown that’s a failed strategy; users find a way in. But if you’re too permissive, you’re open to data loss. We are unable to lock down BYODs in the same way, so we need to be smarter about how we use them.” For a BYOD security strategy to pay off, it needs to balance the needs of your business with those of your employees, and this means accepting the fact that BYOD culture is here to stay.
Balance BYOD Security risks with employee privacy
For a BYOD Security policy to be successful, it’s essential that a BYOD agreement is put in place and adhered to as closely as possible. In “Realizing The Mobile Enterprise”, published by RSA Security for the Security for Business Innovation Council, a BYOD agreement checklist is laid out as follows:
- Ensure that end users are responsible for backing up personal data
- Clarify lines of responsibility for device maintenance, support and costs
- Require employees to remove apps at the request of the organization
- Disable access to the network if a blacklisted app is installed or if the device has been jail-broken
- Specify the consequences for any violations to the policy
It’s also important to remember that accidents happen, regardless of who owns the devices your employees bring to work. The Security for Business Innovation Council cites lost or stolen devices as its top concern, but, according to Osterman Research, approximately one in four devices have a remote-erase function. If you can’t ensure that sensitive company data can be remotely deleted in case of emergency, you should seriously consider restricting access levels for BYODs.
BYOD doesn’t necessarily spell certain doom for your organisation
While it’s true that BYOD culture is incompatible with traditional concepts of the network perimeter, and that it comes with many security threats, there are clear benefits that can be leveraged to increase employee productivity and satisfaction. The most notable is providing staff with “anywhere access” to network resources, meaning key members can be as productive, if not more so, when working from home or abroad. Letting employees bring in their own devices also means you’ll cut costs on having to provide them with company-issued ones. It’s likely that having their own device will mean more to employees than being supplied with a company-owned one, meaning they’ll be more likely to take care of their device and further mitigate risks.
The most important part of a good BYOD security strategy is consistency
Having a clearly defined BYOD Security policy, especially for large or multinational corporate entities, is paramount in minimising BYOD-related risks. It’s important that your employees are made aware of the risks involved with bringing their own devices to work, and understand the consequences of putting your company’s security in jeopardy. Make sure that your BYOD Security policy is meticulously enforced, and that staff across the board are aware of what it entails. Having full control over a BYOD office culture may never be possible, but laying a solid foundation for a consistent security policy is a guaranteed way to be as prepared as you possibly can be.
For more information on the complexities of operating a network in today’s BYOD office culture, please download a free copy of our Network Manager’s Guide to a Stable and Highly Available Network today.
[fusion_builder_container hundred_percent=”yes” overflow=”visible”][fusion_builder_row][fusion_builder_column type=”1_1″ background_position=”left top” background_color=”” border_size=”” border_color=”” border_style=”solid” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”no” center_content=”no” min_height=”none”][hs_action id=”1852″]
Image credit: certificationeurope[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]