Tech Notes: Top 10 Tips to Ensure BYOD Security

Chiara Menesatti, Product Marketing Manager

Bring Your Own Device (BYOD) is commonly known as the growing practice of allowing employees to use a personal device to connect to their company network and access data, in other words, to work on the mobile device of their choice.

With the permeation of mobile devices in the consumer world it’s no surprise that employees prefer to use a device that is familiar, powerful and inextricably part of their consumer lifestyle. Rather than fight this new BYOD phenomenon, smart companies should embrace this growing demand from their employees.

So let’s see what you, as an IT leader, should consider to implement a reliable, secure Bring Your Own Device Strategy versus a Bring Your Own Disaster scenario.

Bring Your Own Device (BYOD) is commonly known as the growing practice of allowing employees to use a personal device to connect to their company network and access data, in other words, to work on the mobile device of their choice.

With the permeation of mobile devices in the consumer world it’s no surprise that employees prefer to use a device that is familiar, powerful and inextricably part of their consumer lifestyle. Rather than fight this new BYOD phenomenon, smart companies should embrace this growing demand from their employees.

So let’s see what you, as an IT leader, should consider to implement a reliable, secure Bring Your Own Device Strategy versus a Bring Your Own Disaster scenario.

1.Assess your company’s needs. How tolerant is your organization to risk?Is yours a high-security environment? Are there legal issues that preclude BYOD? Your strategy should match your specific business requirements and concerns.

2.Engage with other teams. Since BYOD doesn’t affect only your IT department, be sure to include other departments such as HR, legal and finance when planning out a BYOD strategy and implementation plan.

1. Assess your company’s needs. How tolerant is your organization to risk? Is yours a high-security environment? Are there legal issues that preclude BYOD? Your strategy should match your specific business requirements and concerns.

 

2. Engage with other teams. Since BYOD doesn’t affect only your IT department, be sure to include other departments such as HR, legal and finance when planning out a BYOD strategy and implementation plan.

3. Understand and utilize all of the security tools available to you. Leverage all of the technology available to you (ex: system authentication, NAT/Firewall traversal and encryption) to ensure a highly secure business communication environment.

4. Finalize criteria for allowed/supported devices. You should define which devices are allowed, which are not and why. LifeSize ClearSea leads the pack with support for more than 40 iOS and Android devices, plus support for Windows PC and Macs.

5. Consider the needs of your users. BYOD is not for every organization. Divide your employees in groups based on their user needs and scenarios, define different levels of privileges, and help the reluctant ones understand the advantages.

6. Establish a plan for support. Define what kind of support your IT is willing to offer for employee-owned devices. In most cases, you’ll only need to provide instructions on how to connect a device to the company network.

7. Define your BYOD policy. Now that you have a strategy, write a clear policy for everyone to sign off. It should include all the points we just mentioned, plus clear statements about ownership and liability.

8. Proactively communicate and educate. Make sure that all participating employees understand your policy and arm your employees with a deep knowledge of the risks BYOD involve.

9. Be prepared to enforce your policy. Nobody likes to be the bad guy, but a security breach has much more dire consequences. Have a plan for how you will notify individuals about breaches of policy and how you will deny/shut off access.

10. Review your policy and don’t be afraid to improve on it or modify it. Just when you think you’ve got it all covered, a new device or application will pop up and you will need to adapt your BYOD policy to it. A solid strategy should be flexible enough to keep up with changing trends.

To learn more about BYOD and how your organization can benefit from it, please attend our Technically Speaking webinar on December 6 at 12PM CDT entitled, “Managing “BYOD” in the Workplace.”

One Response to “Tech Notes: Top 10 Tips to Ensure BYOD Security”

  1. kurtlikely

    Chiara’s article is a good summary of things to consider for BYOD, but I think that one of the most important things to think about is education. Our hospital put a BYOD policy in place to use Tigertext for HIPAA complient text messaging, but the doctors still used their unsecure regular text messaging. Even though we had a good BYOD policy, it wasn’t enough, we had to bring each doctor in to admin for 15 minutes of training and explaining the HIPAA issues and how to use the app correctly. Now we have about 95% of the doctors in compliance. If you want employees to comply with your BYOD security program, you really need to educate employees about the BYOD policy and the technologies you use weather it is an app like Tigertext or a larger MDM system.

    Reply

Leave a Reply

  • (will not be published)

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>