Why is it crucial that employers get BYOD “right”?
Employees want increasingly more flexibility and achieving the perfect work life balance is crucial for the millennials running today’s most successful enterprises. For employers, the pressure is on to meet the demands of their dynamic workforce, always on the go and willing to work anywhere, anytime, given the correct tools. If employers cannot provide the type of working environment which has come to be expected, they risk alienating a large part of their workforce.
Moreover, the risks which come with “failed” BYOD are serious – organisations unwilling to invest in systems providing adequate levels of security and productivity risk putting company data at risk and reducing employee performance. It’s therefore crucial that organisations modernising the way they work look to BYOD as a definitive measure – and not a mere fad – and ensure they adopt the correct tools to make the transition happen. As such, it is important that BYOD implementation is done correctly and in a way that neither neglects nor undermines the security needs of the enterprise.
With Gartner predicting that over 50 per cent of global companies will implement BYOD by the end of 2016, surely the future of BYOD is guaranteed?
BYOD has grown in popularity and is increasingly the norm in many businesses today. However, the dangers posed by data breaches, plus the need for increasingly robust company security means that the continued uptake and implementation of BYOD depends on two crucial elements: security and productivity.
At the same time, if users feel hindered by cumbersome and inconvenient authentication methods, they’ll be unwilling to use their device to access productivity and management tools from their network. Instead, employees will revert to using unsecure apps and tools on their personal device, which in turn significantly puts sensitive company data at risk. BYOD should not be about sacrificing productivity in favour of security, or vice versa. Organisations must find a healthy balance where the two can coexist.
What is undermining employee mobility uptake today?
In theory, enterprise mobility and BYOD are the means for staff on the go to access the same data and applications on their mobile device as they have on their desktop in the office, regardless of their location and circumstance. However, some enterprise mobility management solutions, far from improving access and worker productivity, actually constrain them. Some solutions offer only limited mobile functionality that doesn’t go beyond email and PIM access.
Others involve users having to navigate complex, multi-factor authentication steps that make verification difficult and time-consuming. These are among the main factors that limit the uptake and positive benefits of enterprise mobility. BYOD and enterprise mobility also present significant security concerns, which will only grow as business and society become increasingly data-driven. It’s not just organisations that are concerned about data breaches.
Employees are also worried that sensitive or private personal information stored on their device could be lost or stolen.
How have typical Mobile Device Management (MDM) platforms failed to deliver to date?
MDM platforms have to date struggled to achieve the right balance between security and productivity. In terms of security, most MDM platforms take a “one-size-fits-all” approach that fails to take into consideration how workers use their device, or the context in which they use them. MDM platforms currently require the user to complete the same security and authentication measures, regardless of their risk level at the time of requesting access.
This in turn can mean that the user must go through cumbersome, multi-factor identification steps to verify their identity and access corporate data on their device. This can quickly become inconvenient and frustrating on touchscreen smartphone and tablet devices with limited screen size, which might not lend themselves to the entering of alpha-numeric passwords.
But it’s not just about security. At an integration level, MDM platforms have to date under-delivered in providing basic capabilities, and also properly integrating with business tools such as Salesforce.com or other home grown applications.
Security breaches are a primary concern for companies. How can they balance the need to secure corporate data without compromising productivity?
Security, productivity, usability - today, companies need it all from their Mobility policy. By providing employees with a secure, encrypted on-device container, organisations give their workers the ability to safely access and use tools and files from their corporate network. Going beyond traditional email and PIM capabilities, these containers also give staff secure access to business-critical software tools such as Salesforce.com and also apps for reading and editing spreadsheets, documents or presentations.
The correct integration and application of these tools can play a significant role in boosting BYOD uptake and improving productivity across a workforce. When it comes to security, contextual authentication methods ensure staff are not hampered or frustrated by prohibitive security access controls. By taking into consideration a user’s context – such as their location, the time of day, and other behavioural patterns related to how they typically use their device – the system is able to make the best decision as to which level of authentication is needed according to the security concerns raised by the person’s activity or circumstances when they request access to the container.
This removes the friction of “one-size-fits-all” multi-factor authentication seen in typical MDM platforms and allows users easy and secure access to their corporate container.
How does contextual analytics authentication differ from traditional identification methods?
Too often, the one-size-fits-all approach of traditional identification methods is cumbersome, inconvenient and frustrating for the user to navigate on their device. If workers cannot get onto their corporate network from their device quickly and easily due to prohibitive authentication, it’s likely they’ll revert to alternative methods and apps that are less effective and - more worryingly - less secure.
Unlike traditional identification methods, contextual authentication assesses a user’s context before deciding which level of authentication is needed when the user requests access. A context-based system collects data and information according to the user’s usage patterns, so that organisations can create risk profiles for individual staff members.
For example, if an employee always logs on to their container in the evenings via their home broadband connection, with their smartphone in range of the tablet on which they are accessing the container, a clear pattern is identified by the system. If that same employee tries to log on to their container when away from home, during the day, on a different network and without their smartphone nearby, a security alert is flagged by the system and it activates a multi-factor authentication process with extra security.
Contextual authentication also enables organisations to combine location and time as a single feature. When a user is in a particular location at a particular time, only a low-friction authentication method will be required – for example, a trader using his device in London’s financial district during trading hours will be a low-risk profile. However outside of trading hours and in a different, location, the same trader becomes more of a risk and therefore must enter more than one identification method to access their container or the network.
What else can contextual analytics be used for?
The end-user data that a contextual system aggregates and collates can be used for more than authentication. By collecting and analysing this data, enterprises can gain a holistic and granular visibility of individual staff members’ user behaviour. An organisation can identify patterns in how staff use their devices – when they use their device, what they use their device for, how often they use it, and which individuals, teams or departments use which apps and tools.
By analysing this data and recognising trends, enterprises can assess how employees differ in their performance when using their mobile devices. They can identify the top performers who are using their mobile devices to boost their performance and productivity.
The organisation can then use these findings to put measures in place that encourage and boost productivity across particular teams, departments - or the entire workforce.
What sort of industries are using this technology at the moment?
BYOD will be pervasive across numerous industries as employees expect to be able to work where they want, when they want. BYOD is especially popular in the legal, healthcare, life sciences and financial sectors.
These industries are not always the most innovative when it comes to embracing new technologies. However, the changing work environment, coupled with the need for rigorous and robust security measures that are industry-compliant, means that enterprise mobility is today a crucial asset for these sectors.
Dave Schuette, EVP & President of Synchronoss Enterprise
Image source: Shutterstock/Rawpixel