How to BYOD like an Expert: Mobile Security Breakdown
Asking a colleague if they BYOD can inspire a quizzical glance sent your way if not talking to an employee from the IT department. Also known as “bring your own device,” BYOD is a concept which allows mobile devices to access a private or corporate network through the cloud
. Employees can access the network using their tablets, cell phones, laptops or any other mobile device.
The impact of mobile technology in enterprise IT is profound; a recent survey conducted by Gartner, Inc. reports that mobile devices have been deployed in 90% of enterprises, and the majority of these deployments are smartphones. If your company already allows mobile device usage on the company network, a BYOD policy should already be in place. Allowing employees and staff to bring their own devices has advantages, but security and usage are two large hurdles to overcome. Here are several proven strategies to become a BYOD guru.
Security policies should be strictly enforced— BYOD policies give employees the opportunity to connect to the company network and access data and resources, but at the expense of relinquishing some control. Owners, managers and IT staff are unable to govern mobile usage at all times, so strict policies should be implemented to mitigate loss. The policies should include provisions to minimize fallout based on many possible risk-factors, including:
- Physical theft of mobile devices which could expose data to unauthorized parties
- Increased risk of data loss
- Increased risk of malware infections
- Exposing confidential information to unauthorized parties
All data should be encrypted—All BYOD policies should include data encryption measures and recovery testing. Ideally, encrypted data cannot be accessed by parties with no authorization to decode the data. Additionally, any data that passes through your company’s network must be encrypted to prevent a breach. All devices that are no longer in use should be wiped clean of data when no longer in use.
Managing encryption for cellular phones is not necessarily a simple task. Various phones are unable to support the encryption standards some companies need to remain compliant to local, state and federal laws. The cost, time and resources needed to provide full phone support can be substantial. If your IT department is not equipped to provide phone encryption, contact iCorps for more comprehensive mobility advice and support.
Enforce strict usage policies—Allowing mobile device access to your network may not seem safe, however, a solid usage policy should ease that fear rather quickly. The usage policy will dictate how devices are used on and off the premises; it should be revisited annually and updated as needed.
All people interested in using a mobile device to access the company network will need to sign a formal document dictating proper usage of mobile devices. This policy should include:
- The rules regarding using the device outside of the company premises
- Which applications are allowed and restricted when using the network
- The types of devices allowed on the network
- The company’s liability for any harm that occurs to the device while on the network
- Provisions regarding accessing, copying or removing company data
- Internet usage provisions
Implement network monitoring and security— Without a gateway to catch and filter out harmful threats, viruses and other forms of malware can easily creep into your network. Mobile devices with no malware protection or insufficient protection often upload viruses to company networks inadvertently. Network monitoring software will enhance your BYOD efforts by continuously guarding your network’s integrity and preventing unauthorized attacks.
Mobile devices are replacing the old way of doing business. Contact your IT support provider for more cost-effective solutions to the “bring your own device” trend.