Making BYOD Work For My SMB
Regardless of how you may feel about BYOD (bring your own device), employees have been doing it already for years and the trend is growing. The meteoritic rise of social media coupled with users who want access to corporate data while on the road has strengthened users' position. Businesses have begun to look at the benefits of it such as cost savings in machinery, but security risks still remain. Let's look at how you can make BYOD work for your company.
Each device added to your corporate environment, voluntarily or not, poses a new risk to your company. There's primarily two issues: the potential for malware spreading into your network and loss of private data.
In the case of malicious code, while less common than traditional laptops, it is possible that mobile devices such as iPads and smartphones can be just as dangerous (especially "jailbroken" devices which can cut through the operating system's security). As data is made available to mobile devices, there is the potential for data loss especially since many users don't enable the same precautions they would on their corporate laptop and the loss rate of these devices is higher.
The first step is to determine how your own users are using your corporate data. Are they using it for business e-mail? Storing customer data? Perhaps they are using it as a storage device for their application credentials. This allows you to prepare a framework that minimizes business risk.
You may not be able to control the devices, but you can control the data. Your network administrators need to identify which BYOD users are entitled to which data as well as what kind of access they should have to it.
Device monitoring is a challenge for BYOD devices since little can be done until the device is connected to the corporate network. The best strategy to address this is through end-user security education. Specifically they need to be trained how to securely store data on their devices and implement other security best practices such as automatic device locking.
It's probable that some employees will not take the necessary precautions initially or over time may become less attentive to their responsibilities of ensuring a secure device. To address this, random audits should be conducted on employees' devices. Use it as an opportunity to judge whether your policies are working and to fine-tune what needs improvement.
The latest firewall technology supports the demands of BYOD by implementing even more detailed network monitoring capabilities and granular usage policy enforcement. This lets administrators set up firewall policies that would, for example, prevent a user passing out sensitive information into cloud systems such as Google Drive.
The overarching challenge for administrators (and one with no end in sight) is to continually monitor for known device vulnerabilities that could affect their own user base. For example, if a known iPhone bug could allow malicious code to be carried and transferred into the network, it would be critical that administrators respond swiftly by initially blocking traffic from such devices and contacting the end users. If your staff is overwhelmed at trying to keep up with the ever-changing IT landscape, you might consider using a third party vendor to assist with monitoring solutions.
Your employees are likely already bringing their own devices to work and unless appropriate measures are taken, your corporate data could be at risk. Remember, security is only as strong as its weakest link and all it takes is one device to be compromised. It's imperative to begin taking action now on your BYOD plan.