It’s estimated that in today’s workforce, some thirty six percent of businesses now fully support BYOD – Bring Your Own Device, at least for mobile devices. Depending on the surveys you read, that figure rises to eighty six percent if you widen the scope to include any kind of support at all, even if grudgingly given. Some people hail this policy as a great way forward in motivating staff productivity, while others take issue with the potential for security vulnerabilities and the burden of supporting a more diverse range of equipment.
What is BYOD?
For employees, the attraction of BYOD is simple, they get to use their own consumer gadgets in place of corporate laptops or phones, and have a great deal more flexibility in how they can work – accessing work email at home, for example. The company contributes towards costs and provides helpdesk support. Of course, what many people do not realize is that the same restrictions and liabilities that relate to the use of corporate equipment will now apply to their devices. Security policies enforced on email access may deny them access to their own devices, or they may find their equipment being subject to discovery searches in the event of litigation against their company.
What Are The Biggest Issues for IT Managers?
Whether access is restricted to mobile devices or not, there are four main concerns that have come to the fore for IT Managers:
Access to legacy systems
Each of these elements needs an IT Manager to be actively involved in the formation of policy. With BYOD, even though the end user still owns the device, it is essential that the data on it must remain the property of the business. The challenge for the IT manager therefore comes from attempting to achieve administrator rights on these devices.
A number of recent reports from companies involved in facilitating BYOD strategies clearly report that staff will disregard HR and IT policies as a matter of course. They operate under the assumption that data security is a problem for IT and the business, not for them. This relaxed approach to security and responsibility will not be any great surprise to most IT Managers.
How To Manage Mobile Devices
Fortunately there are now a good variety of enterprise level software solutions available to assist in extending and enforcing secure communications policies. The use of firewalls and IDP (Identity Provider) Services as part of a federated password policy is encouraged. This will allow administrators to monitor and block users on an individual device basis if malicious behavior is encountered. It will not prevent them from accessing services from an authorized piece of equipment, but will prevent malware if it is detected.
Coupled with BYOD solutions that provide Authentication, Authorization and Accounting (AAA) functions this will handle the essential tasks of authentication and the connection of devices to the correct ports or access points while running appropriate auditing functions while the member of staff is using their mobile device.
BYOD Related Posts: