Study after study seems to suggest that allowing staff to use their personal devices for work makes great business sense. Employees become more productive, work longer hours and are more efficient when they can use their own smartphones and tablets.
However these advantages also come at significant risk to corporate data. Lost or stolen devices could provide a backdoor direct into your company network that can then be exploited by criminals.
So how do you minimise the risks posed by BYOD?
1. Keep a register of connected devices
As your IT team connects personal devices to the company network, they should also keep a record of the user and their device details. In this way you can audit your company network regularly to detect unauthorised connections and resource usage.
2. Enforce on-device security
All smartphones and tablets come with passcode controls that restrict access. As part of your default BYOD agreement, staff should be expected to have the passcode enabled before they are granted access to corporate resources.
3. Use your existing network tools more intelligently
Many common network tools and services have functions that make it easier to manage mobile devices. Microsoft Exchange can be used to perform remote data wipes on stolen devices for instance. Make use of these tools to automate common mobile device management tasks and to manage network logons etc.
4. Force VPN use
All devices now support VPN connectivity in the same way that laptops do. To ensure that data transferred to and from devices is secure in transit, make VPN set-up one of the initial provisioning tasks carried out during the deployment phase.
5. Investigate a proper MDM solution
If your business is serious about making BYOD a key part of your IT strategy, you should invest in a proper mobile device management (MDM) system. An MDM platform allows you to enrol devices, specify and enforce network access rights and even apply content filtering to keep staff focused on work-related activities. You can also deploy specific, pre-approved apps related to job roles to try and prevent staff using unauthorised, untested apps that could be leaking corporate data.
6. Investigate enhanced security tools
For the ultimate data security, you need a solution that can keep personal and corporate data and apps separate. The latest version of the Blackberry operating system uses a profile-based system, allowing device owner to set up a ‘work’ and a ‘home’ logon which ‘sandbox’ apps and data.
There are now a handful of third party solutions that can perform a similar task on iOS and Android apps too. These solutions create a secure partition and force users to use company-approved apps for company-related tasks – this then avoids the danger of data leakage or theft by third-party apps.
As BYOD continues to gain traction in the enterprise, security will continue to be a hot topic. These 6 tips will help improve security now, but what else would you suggest? Does your business do anything differently?