Bring Your Own Device (BYOD) is the way of the future, but it can also open the way for future security incidents. This post outlines some best practices that can help minimize the risk.
BYOD can be a difficult subject to handle as you need to be able to enforce cybersecurity policy and keep your employees happy and productive at the same time. Let’s look at some of the more basic ways you can successfully implement BYOD.
- Require passcode on devices
- Require encryption
- Application control
- Employee/Device control agreement
- Mobile Device Management (MDM)
While it might be seen as an annoyance, forcing a passcode or password on a device is an essential part of securing data at rest. Most employees would never purposefully lose their phone or leave it in someone else’s possession, but it does happen, and requiring a passcode could make the difference in keeping your data safe.
Encrypting the data is another important layer of protection. A passcode provides an initial barrier, but if someone were to get access to the device, encryption would force them through another difficult layer before they could reach your data.
Application control is often where pushback from users starts to get in the way. Unfortunately, it is sometimes necessary to sacrifice convenience for security. Each application that is allowed on the network and has access to your confidential information needs to be evaluated for necessity and potential security issues. This includes applications such as antivirus, VPN clients, and messaging.
The Employee/Device control agreement outlines the terms of how the device(s) will be used in accordance with the organization’s policies and procedures. This is especially critical if the data in question is protected by compliance requirements. This sample policy from the International Association of Privacy Professionals (IAPP) will give you an idea of what should be included to protect the organization while allowing personal device use for your staff.
Mobile Device Management (MDM) ensures that users are adhering to corporate policies with minimal disruptions. An MDM solution focuses on keeping data segregated, securing emails/documents, and enforcing corporate policies. There are lots of different options when looking at an MDM, and finding the right one is important. To find the right match, confirm what hardware is being used in the company, as each MDM can control different variations of operating systems.
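The sketch below is an added example, not part of the original post or any MDM product. It checks a device inventory against the five controls listed above and shows which operating systems in the fleet each candidate MDM would leave unmanaged. The inventory records, field names, approved-app list, and the MDM names `mdm-a` and `mdm-b` are all constructed assumptions.

```python
# Constructed sample inventory; field names are assumptions, not a real MDM export schema.
INVENTORY = [
    {"user": "alice", "os": "iOS", "passcode": True, "encrypted": True,
     "agreement_signed": True, "mdm_enrolled": True, "apps": {"vpn-client", "mail"}},
    {"user": "bob", "os": "Android", "passcode": False, "encrypted": True,
     "agreement_signed": True, "mdm_enrolled": True, "apps": {"mail", "file-share-x"}},
    {"user": "carol", "os": "Windows", "passcode": True, "encrypted": False,
     "agreement_signed": False, "mdm_enrolled": False, "apps": {"antivirus"}},
]

# Applications evaluated and approved for access to company data (constructed list).
APPROVED_APPS = {"antivirus", "vpn-client", "mail", "messaging"}

# Hypothetical MDM candidates and the operating systems each can manage.
MDM_CANDIDATES = {"mdm-a": {"iOS", "Android"}, "mdm-b": {"iOS", "Android", "Windows"}}


def device_findings(device, approved=APPROVED_APPS):
    """Return the list of BYOD controls this device fails, in checklist order."""
    findings = []
    if not device["passcode"]:
        findings.append("no passcode")
    if not device["encrypted"]:
        findings.append("no encryption")
    unapproved = sorted(device["apps"] - approved)
    if unapproved:
        findings.append("unapproved apps: " + ", ".join(unapproved))
    if not device["agreement_signed"]:
        findings.append("no signed agreement")
    if not device["mdm_enrolled"]:
        findings.append("not enrolled in MDM")
    return findings


def compliance_report(inventory):
    """Map each user to the findings for their device (empty list = compliant)."""
    return {d["user"]: device_findings(d) for d in inventory}


def mdm_coverage(inventory, candidates):
    """For each candidate MDM, list fleet operating systems it cannot manage."""
    fleet = {d["os"] for d in inventory}
    return {name: sorted(fleet - supported) for name, supported in candidates.items()}


if __name__ == "__main__":
    for user, findings in compliance_report(INVENTORY).items():
        print(user, "->", findings or "compliant")
    print(mdm_coverage(INVENTORY, MDM_CANDIDATES))
```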
Giving your users the ability to do the things they enjoy when not on the clock, on a device that they are comfortable with, makes them more productive when working. When coupled with a secure BYOD policy that is enforceable by your IT department, BYOD can have a positive effect on your staff without a major impact on your overall cybersecurity posture.