BYOD Strategies: Which One Is Right For Your Company?January 8, 2014 No Comments
One of the big new concepts in the American workplace is BYOD. What is BYOD? Well, it’s an acronym that stands for Bring Your Own Device. Many companies are looking for ways to cut the costs associated with supplying their employees with company-owned devices and other hardware. Their solution is to allow the employee to use their own devices for company work. This not only saves the company money but has also been shown to increase the productivity and morale of the employee. However, even as many corporations and businesses are enjoying the benefits of BYOD, there are a number of concerns regarding security that must be considered. After all, a personal device is generally far more vulnerable than a contained corporate network, and there is a very real danger that BYOD policies could lead to data breaches.
However, there are measures that can be taken to help protect company data in a BYOD atmosphere. Here are three strategies that can help.
1. Company Apps
One way to maintain control and security over sensitive data is to have all company work performed through native applications. This means that the company would develop its own programs, complete with whatever security measures it deems necessary, and have those apps installed on the employee’s device. The user would then be able to perform his or her required functions without putting the company or its data at risk. Of course, there are still dangers associated with this method. As the employee will have unrestricted access to the app itself, should the mobile device become compromised, the criminal in possession of the device would likewise have unrestricted access. To combat this, secure user identification methods should be used to ensure that only legitimate users have access. Data access should be closely monitored for any suspicious activity, and the ability to wipe the phone in the event of a theft is also recommended.
2. Virtual Desktop
If the idea of having sensitive information residing on mobile devices in remote locations is not a pleasant one, then the virtual desktop method might be a more attractive alternative. This strategy allows sensitive data to remain secure in corporate servers, with the BYOD simply acting as a remote access. However, as with the Company Apps method, user identification is very important, and intruders will have access to much more information than they would when dealing with simple apps. Again, all access through a virtual desktop should be strictly monitored for any signs of suspicious activity.
The least hands-on approach is one that simply relies on websites and browsers to direct employees to specific pages. These may not be company-developed apps or programs, but simply portals and sites that can be used to share and record information. This method is perhaps the least secure, but it also contains the least amount of sensitive data. Still, security can be boosted with proper user authentication and usage monitoring.
Of course, there are any number of other possible strategies that can be implemented in a BYOD company, and more are destined to be pioneered as more and more organizations choose to instigate BYOD policies. The important thing to remember is that BYOD, while convenient and cost effective, is unfortunately inherently less secure than traditional company device policies. Still, as new security measures are developed and weaknesses identified, it’s likely that many of the dangers currently associated with BYOD will gradually vanish. Until that time, vigilance, redundancy, and above all, user authentication are all still vitally important. Of course, one should also be sure to educate and train employees on proper BYOD practices, but that’s an issue for another day.
by Rick DelGado, Independent Author
“I’ve been blessed to have a successful career and have recently taken a step back to pursue my passion of writing. I’ve started doing freelance writing and I love to write about new technologies and how it can help us and our planet.” – Rick DelGadoAPPLICATION INTEGRATION, CLOUD COMPUTING, Fresh Ink, MOBILE, SECURITY, SOCIAL BUSINESS