Our love affair with smartphones and tablets has had big implications for traditional security strategies. Employers are faced with a difficult trade-off. On the one hand, as personal devices are incorporated into workflows across the business, they have to work to protect data and manage information security. But, on the other, they have to balance such concerns with the desire to work at peak performance and to harness the flexibility brought by cloud and multi-device computing. In this blog post, we look at how a scenario-led approach can help businesses to find a balance between security and productivity in a multi-device and increasingly digital workplace.
Clamping Down Could Increase Risk
BYOD isn’t going to suit all businesses or organizations. In the public sector or businesses with equivalent concerns, BYOD may well be judged to present an unacceptably high risk to data security. Any clamp down should be considered carefully, however. If employees resist any clamp down by concealing their use of personal devices and applications, it could increase uncertainty and reduce employer control.
Find a Compromise between Functionality and Security
A common criticism of many BYOD policies is that business-specific apps and security controls effectively reduce the user experience and functionality of devices such as tablets and smartphones. In an effort to authenticate and manage devices, enterprise limits the flexibility of the devices and, potentially, employee productivity. For smartphones, Mobile Device Management (MDM) works in a similar way to traditional device management, on the one hand allowing employees to make use of the phone’s native applications, while also enabling organizations to monitor the device for compliance and security purposes. As with computer BYOD and the use of cloud-based applications, data protection is the primary objective.
BYOD through Education, Not Diktat
When it comes to BYOD, businesses need to be clear about policies, ensuring employees understand how to access and share information securely using their devices and on the cloud. Security breaches, such as employees sending work home to Gmail accounts, transferring data onto USB sticks and losing devices, can happen all too easily. Just requiring employees to follow protocols or checklists is not, on its own, enough to solve the problem. Changing a password on a weekly basis will not make data any more secure if an employee keeps a note of the new password on her/his desk.
Use Cases Can Identify Points of Weakness
The virtualization of the desktop and, increasingly, the reliance on personal applications associated with Bring Your Own Application (BYOA) has made many traditional use case scenarios redundant. Different employees can access their devices at practically any location and in a variety of ways. For businesses to develop a coordinated and relevant strategy for navigating the cloud and leveraging BYOD, it’s vital to communicate with employees across the business to learn how, when and where they’re using there devices. This will allow for the development of better use cases and, therefore, the identification of weak points and vulnerabilities in the IT ecosystem.
When implemented successfully and with employee engagement, BYOD deployment can work for business, offering the potential for productivity gains, greater operational flexibility and employee satisfaction. The key to using BYOD to leverage the cloud and virtualization, however, is pool expertise and insight to develop a coordinated policy across the business: the left hand has to know what the right is doing – and, just as important, how it’s doing it.
What are the main lessons for business from BYOD? Should businesses embrace the flexibility of Bring Your Own Application (BYOA)? Let us know your views via our LinkedIn page.