Back up BYOD policies with security
tools
It’s crucial to create strict BYOD policies
that limit the risks associated with consumerization, but that can’t be your
only course of action. After all, if you give your employees free rein on your
network with only mere suggestions to contain their activities, many users will
simply do what they think is right. This is not an option for companies where
there is a risk of significant data leakage via mobile devices.
The
degree of security you need depends on how mobile devices are being used at
your company
The degree of security you need depends on
how mobile devices are being used at your company. You can look at it from a
general perspective, but it doesn’t hurt to dig a little deeper into individual
departments and roles. A field service technician’s device, for example,
doesn’t hold too much information, Hafner says. “It’s got a couple of drawings
on how the pieces of equipment he might repair have to be put back together,
things like that. If it gets lost, I just wipe the device and I don’t really
care. You have to determine what it is that’s going to be on there and the
level of risk.”
But for employees who need access to
internal company resources in order to do their job from remote locations,
businesses can implement solutions like virtual desktops or thin clients on
tablets. With this approach, employees can “look at information that is stored
back on the data center, like you would with a virtual desktop that you might
have, but there’s really nothing stored on the device there at all,” says
Hafner. He warns though that this type of solution relies heavily on
connectivity, so if any of your employees are working in regions with poor
reception, this might not be an option.
DeBeasi also suggests that companies
consider MDM (mobile device management) solutions, which provide more control
over devices. Companies can actually monitor devices as endpoints and make sure
they aren’t accessing sensitive data or, worse, downloading it or transmitting
it elsewhere. MDM solutions help companies allow or deny network connections as
well as just have a better view into network activity from a mobile
perspective.
Mobile
device management solutions
Another potential solution that both Hafner
and DeBeasi recommend when implementing BYOD policies is containerization.
Containerization allows you to set aside some storage for enterprise-only apps,
which blocks access to or from other applications on the device. “For example,
you’ve got your business app on there that does whatever it needs to do and
they’ve loaded down 50 games or apps,” says Hafner. These are isolated from
each other, so there’s no way for you to share a file from the business app
with one of the other apps or the other way around.” This also prevents
potential malware from seemingly trustworthy applications from affecting any
business data that’s stored on the device.
DeBeasi warns that “as you go from Exchange
ActiveSync, to MDM, to containers, the IT organization gets more and more
controls, but it becomes a little more intrusive to the user.” There is a
trade-off between control and user experience that should be taken into
consideration and is a “balance that enterprises have to make,” he says. After
all, the main point of implementing a BYOD policy is to allow employees to use
their devices safely and effectively to increase their productivity.
Continued growth of consumerization
According to Hafner, consumerization should
continue to increase as employees are considering or already bringing their own
PCs, in addition to smartphones and tablets, into the workplace. But he doesn’t
necessarily see a time, in the next five years at least, where BYOD replaces
everything. And the main reason for that is that some employees simply don’t
want the responsibility of keeping up with technology and choosing their own
devices.
You
have to make sure you have control over your company’s data and resources, but
still give employees what they need
“You’re trying to run a business, and if
the person is not technology literate, and depending on what the job is, they
might depend on the organization to not only supply the devices, but more
importantly to support devices,” says Hafner. “When we’re helping people put
together BYOD strategies for their organizations, we tell them that you have an
opt-in and an opt-out plan for people that don’t want to do these things,
because you can’t necessarily force them.”
However, Hafner doesn’t rule out a future
where companies may decide to create new positions or hire new employees on the
condition that as a part of their contract of employment, they must “always
have a PC and a smartphone that’s less than two years old” and the company may
offer compensation for usage. But one thing is undeniable: Consumerization is
here to stay, and BYOD policies will be more important than ever. You have to
make sure you have control over your company’s data and resources, but still
give employees what they need.
