Ronald Bushnell
BYOD, or Bring Your Own Device, refers to an IT policy that allows employees to access their corporate network, data, and applications through their own personal devices.
According to Gartner, personal devices are those that are ‘personally selected and purchased’ by the employees, including smartphones, tablets and laptops.
The proliferation of high-tech mobile devices has enabled, and in some cases compelled, many organizations to embrace BYOD. For employees, this means flexible working and the ability to use devices that they’re already comfortable with.
For organizations, BYOD can save the capital expenditure of sourcing and provisioning expensive devices. It seems like a win-win situation, but here’s the catch: allowing personal devices to access the internal network and sensitive company data is inherently risky.
Let’s look at the reasons behind BYOD’s rising popularity and at what IT managers and CIOs must do to harness BYOD successfully and securely.
According to a Tech Pro survey and report, a whopping 59% of organizations have already implemented a bring-your-own-device policy, with another 13% planning to roll it out soon. Surely BYOD promises financial and productivity gains that businesses look forward to. But there are management complexities and cybersecurity challenges to consider as well.
Realizing the goals of adopting BYOD depends on defining and implementing a comprehensive BYOD policy. Otherwise, BYOD can quickly backfire and jeopardize the company’s security and bottom line.
Employee Hesitation: Employees may not be comfortable with the company’s security policies, such as the IT department accessing and controlling the devices that carry their personal data. Finding the right balance between device security and employee privacy can be challenging. It is vital to have all employees on board before rolling out a BYOD policy.
Implementing BYOD is not as easy as simply allowing employees to bring their own devices. To maximize the benefits of BYOD, enterprises and SMBs need to focus on forming a comprehensive BYOD policy, including acceptable use and security policies.
Investing in Enterprise Mobility Management (EMM) and Mobile Device Management (MDM) technology along with Identity Access Management (IAM) can allow organizations to keep track of all mobile devices that authorized employees use for accessing corporate resources.
An MDM solution should support a wide variety of mobile devices and offer a convenient enrollment procedure to give employees maximum flexibility. Desktop and app virtualization and cloud-based storage can further strengthen security and provide the flexibility needed to fully realize the productivity gains that BYOD promises.
Human resources and IT departments must develop and enforce strict policies to secure BYOD-enabled devices and sensitive information. Here are a few tips and technologies that can go a long way in securing a diverse BYOD ecosystem.
MDM tools offer the perfect solution for visibility and control in a BYOD environment. They allow IT managers to enroll employees’ mobile devices into the corporate network and monitor them centrally.
MDM allows IT managers to manage and secure corporate data and apps on smartphones, tablets and laptops without invading employee privacy. Admins can enforce strong password policies, selectively remove apps and data, control data sharing between apps, and execute factory resets remotely through the control plane of an MDM solution. The key is to choose a solution that supports most, if not all, of the commonly used mobile devices and the operating systems in use in the organization.
Today, CIOs and IT managers have the option to choose between several MDM solutions based on their unique business requirements and pain points.
Microsoft Intune is Microsoft’s service for managing mobile devices and applications. It integrates with Azure Active Directory (Azure AD) and Azure Information Protection for access control and data security. It allows IT admins to deploy Microsoft 365 apps like OneNote and Microsoft Teams on all mobile devices while enforcing custom policies to ensure information protection.
VDI deployments and DaaS offerings enable organizations to virtualize a desktop OS and deliver it to employees’ personal computers.
Virtual desktops can be hosted on an on-premises server or a cloud-based one. They utilize the compute and storage of centralized servers managed by the IT department or a service provider. The corporate apps and sensitive data reside within the company’s data center or on the cloud. They can be remotely accessed by the employees via a client application or a web browser.
In other words, corporate apps and virtual desktops are linked to users through log-in credentials instead of residing on local devices. Virtual or remote desktops completely separate corporate and personal assets, facilitating a secure and flexible BYOD environment.
Citrix Workspace, Amazon WorkSpaces, and Microsoft WVD are some of the top VDI solutions for enterprises and SMBs.
Strong passwords and passphrases can protect a device from unauthorized access even if it’s lost or stolen. Setting passwords, and changing them frequently, must be mandatory for all mobile devices that an employee uses to access corporate resources. Other settings such as multi-factor authentication, auto-locking of idle devices, and lockout after a certain number of failed login attempts should also be enabled.
Security solutions such as native encryption or third-party mobile data encryption software can protect corporate data at rest and in transit. Encrypting email and messaging apps can reduce the chances of data leakage.
IT admins must ensure that each smartphone accessing the internal network has up-to-date anti-virus and anti-malware software installed. Identity Access Management (IAM) solutions are also a good investment: granting employees role-based access limits sensitive data exposure.
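As an added example (not part of the original article, and not any MDM product's API), the sketch below checks device-inventory records against the controls listed above: passcode and password age, multi-factor authentication, idle auto-lock, failed-login lockout, encryption, and current anti-malware. The field names, thresholds and sample fleet are assumptions made for illustration; the article gives no values.

```python
from __future__ import annotations
from dataclasses import dataclass
from datetime import date
from typing import Optional

# Assumed thresholds: the article names the controls but gives no values.
POLICY = {"autolock_max_s": 300, "failed_login_max": 10,
          "password_max_age_d": 90, "av_max_age_d": 7}

@dataclass
class Device:
    # Hypothetical inventory fields, e.g. from an MDM export.
    owner: str
    passcode_set: bool
    password_changed: date
    mfa_enabled: bool
    autolock_s: int               # 0 = auto-lock disabled
    failed_login_limit: int       # 0 = no lockout configured
    encrypted: bool
    av_updated: Optional[date]    # None = no anti-malware installed

def violations(d: Device, today: date, p: dict = POLICY) -> list[str]:
    """Return the controls this device fails; an empty list means compliant."""
    out = []
    if not d.passcode_set:
        out.append("no passcode")
    elif (today - d.password_changed).days > p["password_max_age_d"]:
        out.append("password too old")
    if not d.mfa_enabled:
        out.append("MFA disabled")
    if not 0 < d.autolock_s <= p["autolock_max_s"]:
        out.append("auto-lock disabled or too long")
    if not 0 < d.failed_login_limit <= p["failed_login_max"]:
        out.append("failed-login lockout missing or too lax")
    if not d.encrypted:
        out.append("storage not encrypted")
    if d.av_updated is None or (today - d.av_updated).days > p["av_max_age_d"]:
        out.append("anti-malware missing or out of date")
    return out

# Constructed sample inventory (not real data).
TODAY = date(2024, 6, 1)
FLEET = [
    Device("alice", True, date(2024, 5, 1), True, 120, 5, True, date(2024, 5, 30)),
    Device("bob", True, date(2023, 12, 1), False, 0, 5, True, date(2024, 5, 30)),
    Device("carol", False, date(2024, 5, 1), True, 60, 0, False, None),
]

def report(fleet=FLEET, today=TODAY) -> dict[str, list[str]]:
    """Map each owner to failed controls; only empty lists should get access."""
    return {d.owner: violations(d, today) for d in fleet}

if __name__ == "__main__":
    for owner, failed in report().items():
        print(owner, "ALLOW" if not failed else "BLOCK: " + ", ".join(failed))
```

A gate of this kind is normally evaluated at sign-in, so that a device falling out of compliance loses access to corporate resources until the listed control is restored.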
Cloud computing provides secure data storage for a BYOD environment. Cloud storage provides the flexibility to access data from any endpoint device anytime, anywhere.
Since data is not stored locally on a BYOD-enabled device, revoking access rights for lost or stolen devices and ex-employees is as simple as a few clicks.
Security, compliance, backups, and replication can also be shifted to the cloud service provider. Organizations, especially SMBs with limited IT staff and financial resources, can find a cost-effective and secure alternative to local data storage in the cloud.
An organization’s cybersecurity defense is only as strong as its weakest link, which is often the end-user. Even the most reliable MDM solutions and cloud services are prone to data breaches because of user negligence, which accounts for nearly 64% of insider threats as per the Dtex Insider Threat Intelligence Report 2019. Crafting a BYOD policy is not enough. Employees should be aware of the best practices to keep their mobile devices secure. Employees must know:
Conducting regular security awareness training and assessments can keep your employees updated on the organization’s policy and the evolving threat landscape. They can also reveal potential weak points and loopholes that need to be addressed.
Once human resources and IT have developed a comprehensive BYOD policy, the next step is to implement it effectively. Here are a few tips for implementing a successful BYOD policy:
Following a BYOD policy template can ensure that the policy draft is comprehensive and does not miss any critical aspect. Here’s a brief sample of the sections and clauses a BYOD policy must include:
Finally, have the employees read, understand, and sign off on the policy to ensure compliance. A bring-your-own-device policy has become inevitable as organizations move towards a mobile future.
Beyond an improved bottom line and productivity, BYOD allows organizations to capitalize on remote intelligence and ensure business continuity.
Companies need to focus on finding a level of BYOD support that suits their requirements. They must invest in BYOD-supporting technologies that can help them strike a balance between freedom and security.
In addition to referring to the existing literature and whitepapers, consulting a managed service provider for developing a BYOD policy and choosing the supporting tools and technologies can ensure a cost-effective, comprehensive strategy that addresses all aspects of a successful BYOD implementation.