BYOD Security: Enabling the mobile workforce while ensuring data safety
Nov 18, 2013
Bring your own device can have a number of benefits for employees as well as organizations that create effective policies for leveraging the trend. BYOD allows workers to access enterprise systems, collaborate, perform mobile file sharing and operate from nearly any location. However, with these benefits comes concern for the safety and security of shared data and sensitive internal business information.
When security strategies are put in place and data is properly protected, a BYOD policy can significantly improve an organization’s operations. According to TechTarget contributor Lisa Phifer, businesses have been increasingly adopting mobile strategies; industry analysts estimate between 40 to 75 percent of enterprises employ BYOD strategies. However, IBM Smarter Planet Contributor Kristin Lovejoy stated that a recent survey showed less than 40 percent of organizations with BYOD practices in place have management policiesfor governing such systems. With an increasing number of companies reporting data breaches due to insecure mobile technology, managing the security of BYOD should be a primary focus.
Tips for BYOD security
Phifer also stated that administrators maintain control over the data contained on employee mobile devices as part of their business asset management strategy. Company higher-ups should have a system in place that enables them to view data on mobile endpoints, as well as track file transfers. In this way, they are aware of mobile data access and where information is being sent.
Additionally, businesses should put remote wiping capabilities in place that allow administrators to clear a smartphone or tablet of sensitive information. This security system is helpful in the case of a lost or stolen device, as well as ensuring that employees do not leak data after they leave the company. However, TechNewsWorld recommended that such systems be set up very carefully to ensure only sensitive information related to the company is removed from the device.
“You want to wipe corporate information but not obliterate the pictures of someone’s child or their wedding,” data and mobile security expert Caleb Barlow told TechNewsWorld.
Companies can also utilize a blacklisting application to ensure employee devices are safe from malicious programs. Such technology allows administrators to create a list of known dangerous or prohibited applications.
In addition, every BYOD policy should include employee education. Employees should be aware of what is allowed within the policy, what data they can access and share and best practices for information security. Administrators should urge employees to utilize protected Wi-Fi connections and use built-in security tools on their mobile devices, including screen lock and password protection.