It’s common today for people to use their own devices for work purposes. Bring Your Own Device (BYOD), is now accepted practice, but it needs to be implemented properly to reap the advantages and avoid the pitfalls. Employees need to know what your company’s BYOD policy is and stick to it. If you don’t have a BYOD policy, it’s time to create one.
Smartphones are frequently used for work, with one survey finding that about 92% of people use them for work once a week at least. The advantage for staff is that they know their personal devices well, and how to use their features. This means less reliance on helpdesk support for help with new or different systems.
You can gain a lot by letting your employees connect to your in-house network using their devices. But there are risks, and some restrictions are appropriate. Here are three things to think about including in your company’s BYOD policy and user guidelines.
Access and Data Security
Any new technology solution should prioritize data security and this also applies to your BYOD policy. If the devices your staff use to access your network aren’t properly secured then you have a potentially serious security gap – and the risk gets bigger the more devices there are being used.
It’s not as simple as just limiting how many devices are used to access your data. The whole point of permitting Bring Your Own Device practices is to make life more convenient for users, not more difficult. A BYOD policy combined with effective user management solutions is the way forward. This can be done on a per-user basis. Not everyone needs to have access to all your data. If staff don’t have access to data they don’t need or use, then you’ve got a key damage limitation measure in place, without restricting the operation of your business.
Whitelisting/Blacklisting Applications
When you install a new app on a smartphone, you’ll usually get a message saying what permissions it requires. It could be access to your contacts, account details, device use history, call logs and even identity information, to name a few. Some of these may be necessary for the app to function optimally, but that’s not always so. Ask yourself why a given app would need access to your contacts list, or other info. Dangerous apps can take control of your camera and microphone. Your BYOD policy should include measures to approve apps that are secure and flag up those that might permit outsider access to your data or sensitive corporate information.
Security Best Practices
The best BYOD policy in the world won’t work properly without proper staff training. Anyone who brings in their own laptop, phone or other device should be well briefed on what the security risks are. It’s not just about what they do with their device when at work; it’s also how people use their devices in their own time. This could impact on your network if best practices aren’t implemented. Staff need information on how to stay safe online, with updates and reminders to keep standards high. It’s worth emphasizing that it’s not just about protecting your organization’s infrastructure. It’s about keep people’s personal devices safe too. You need to be made aware if an employee brings a new device to work, and your IT department or an outsourced provider can check that the device is secure and the user knows what security best practices are.
As the use of personal devices in the office becomes more and more prevalent, you need to be proactive, with measures to deal with the changes. To learn more about BYOD policy and user-management solutions, reach out to Quikteks at (973) 882-4644.