Skip to main content

Making BYOD safe in an insecure world

Bring Your Own Device (BYOD) is slowly becoming a standard practice for organisations across a variety of vertical sectors. According to Gartner, 38 per cent of organisations will stop providing devices to workers and fully embrace BYOD by 2017.

It comes as no surprise that companies are accepting this trend (willingly or by overwhelming pressure from workforces), as encouraging employees to use their own devices can be an incredible way to empower more productivity and efficiency at the office and on the go.

Often, however, with BYOD comes the urge to use cloud-based and consumer grade solutions since they are often preferred for their easy access and usability. In addition, employees are likely to already be using these tools in a personal capacity, so they will understand their features and functionality well. While these consumer applications are convenient, when used to share or receive an organisation’s proprietary data the security risks far outweigh the immediate benefits.

As with traditional office environments, staff will always find ways to conveniently and efficiently complete projects even if that means using unapproved software, apps or security tools. With former U.S. Secretary of State Hillary Clinton due to hand over her own private email server following revelations that she’d used a personal email address during her time at the State Department, it’s clear that even in the most security conscious organisations, employees choices and mistakes can be a threat.

It’s always going to be up to an individual organisation and its IT department to define the policies and approved technologies mobile or remote workers should use, but ignoring these risks serious data breaches or cyber attacks, hence the FBI’s strong stance on former Secretary Clinton.

Before any sort of company-wide BYOD policy is introduced, it is important that you have a means to share data securely on personal devices. These three questions are a good starting point to determining what else needs to be addressed before BYOD can be implemented:

1. Do you have a file sharing solution that is secure?

There are many possible points of entry when transferring files from one device to another, especially when one of those devices is primarily for personal use. Security is essential. You wouldn’t want your employees following former Secretary Clinton’s example, and potentially use personal email on their devices to share confidential information, for example.

Modern day business is inherently mobile. Your employees, partners, clients and customers will demand access to files when they are on the move, so being able to do this securely should be a top priority when building the foundations for an official BYOD policy.

2. Is the proposed mobile technology easy to use?

If any technology introduced to employees is difficult or complicated to use, it won’t matter if the solution is secure, compliant or the greatest thing since sliced bread; staff will simply revert to consumer alternatives.

The most innovative solutions can be installed on personal devices and enable administrators to specify permissions to an exact device or individual, meaning IT has full control whilst mobility is enabled.

This type of solution is particularly beneficial to businesses, as it means data with the highest possible levels of sensitivity can only be accessed through a secure means and from trusted devices.

3. Will the solution be compatible and effectively integrate with existing networks, platforms and applications?

Even an easy-to-use mobile solution needs to integrate effortlessly with current networks. Again, if integration is difficult and adds to the time it takes to use, technology managers will become frustrated and staff will be more likely to take shortcuts and hence risks.

Compatibility is critical. A network-agnostic system that can be deployed anywhere is a great option. The key for any organisation is achieving their desired level of control and transparency.

At the end of the day, BYOD can empower employees to work in an agile and effective manner while maximising an organisation's overall performance. Secure mobility is achievable by minimising many of the security risks at the beginning.

By clearly laying out BYOD policies early on, and providing safe mobile solutions as part of this, employee's’ personal devices will remain secure and the risks significantly minimised.

James L. Bindseil, President and CEO of Globalscape