Demystifying the BYOD world
How to address the host of data security challenges presented by employees using their own devices for work
Over the last 10 years, BYOD, or bring your own device, has become a growing trend in many businesses. You could even say it’s become a BYOD world, with the increasing prevalence of smartphones, tablets, “phablets” and smart watches being used today to remain constantly connected.
More companies are embracing this trend and empowering employees to work on the device of their choosing. In fact, a recent survey by Gartner shows that BYOD adoption, as a business tool, makes a company more attractive to potential employees, and it is a “must have” for Millennial-generation job applicants.
This new world, however, presents businesses with a host of data security challenges that they are now being forced to address. More than ever before, the possibility of intellectual property, client records and business applications living on mobile devices is real, creating new opportunities for hackers and more worry for IT professionals when it comes to data protection. Gaining control over these “anywhere” technologies is quickly becoming a requirement for many organizations.
Unfortunately, businesses are finding that traditional network security policies and design are not always enough to keep system integrity and security concerns at bay while meeting the fast-paced demand of mobility.
To address the security implications, IT support staff need visibility into the different BYOD devices within their network to ensure they are operating in accordance with the organization’s information security and acceptable use policies. In most cases, this means instituting secure access, secured applications, and the ability to wipe devices remotely if there is the hint of a breach.
Supporting these devices and maintaining information security parameters may sound like a tall order for already busy IT professionals, but rest assured, it’s doable if the right technologies are in place to address the concerns. These include:
1. Identity and access management (IAM): IAM allows businesses to know who is connecting to their network from any device, anywhere, and accessing their data. With the never-ending rise of cybercrime and malware, even good passwords may not be enough. An IAM solution should provide you with:
• Centralized user directory for both cloud and on-premises applications
• Multi-factor authentication (MFA) to control access to the network
• Single or same sign-on capabilities for multiple applications so a business can terminate a user’s login from a central location
2. Mobile device management (MDM): MDM consists of configuration and policy management tools that identify and manage a device. As devices join a network, they are asked to enroll or are dynamically enrolled depending on the deployment model. Once enrollment occurs, the device can be managed. Typical functionality of MDM software includes:
• Hardware and application inventory
• Physical tracking and geo-fencing
• Configuration of security policies such as password policy, device encryption and Wi-Fi settings
• Option to deny access to the network for non-compliance
• Execution of actions like partial or remote device wipe, remote lock, device location mapping, and passcode resetting
• Access to self-service portals to enable users to protect personal and enterprise data
3. Mobile application management (MAM): Mobile application management provides a container that enables enterprise applications and data to be securely segregated while preserving the personal mobile experience on BYOD devices. Users can access their business email, contacts, calendars, applications, documents, and web browsing from within the secure container installed on their mobile device. MAM solutions should consist of the following capabilities:
• Application containerization
• Application publishing
• Function restriction capabilities such as blocking file save, copy/paste from business to personal applications, and/or screenshots
• Selective wipe of corporate applications and data
There’s a saying we use around the office that either “IT dictates progress or progress dictates IT.” If approached correctly, it can be a partnership of both. The IT landscape is shifting and progressing at such an incredibly fast rate today that IT adoption policies born on Day One may not be as relevant on Day 365 or even Day 180, in some cases.
BYOD has evolved to be a necessary tool within the business environment to increase efficiency and enhance potential, but it does need to be managed with data protection in mind. If your organization is adopting BYOD, keep in mind that there are many resources and experts you can rely on to help you maintain data security.
Jerry Lyon, an infrastructure team manager at Systems Engineering of Portland, Maine, and Manchester, NH, can be reached at 603-226-0300 or through syseng.com.