BYOD trend, risk or fiction?

 

Bring Yor Own Device

Have you been considering whether to allow the employee mobile devices in your business? The popularity of BYOD (or ‘Bring Your Own Device’) has surged in recent years, with around 65% of employees bringing their own devices into the office. Whether that’s something large like a laptop or Mac to function as your ‘office computer’, or something smaller like a smartphone or tablet which is used for pulling up data and accessing records while in the boardroom and away from your desk. Bring Your Own Device is growing even faster than expected these days, but there are many aspects to consider before you implement or let users BYOD into your business. Here are some tips from us, gathered during the last few years by my self and Edward Olafsen.

What is BYOD?

Bring Your Own Device is an alternative strategy to allow employees, partners and other users to use their own personal devices (smartphones, tablets, etc.) to access the corporate network and data. Increased productivity and significant cost savings are some of the advantages of this solution.

BYOD ( Bring Your Own Device ) is a term used to describe employees who bring their own portable devices (such as iPhones, iPads , smartphones and laptops) to the workplace. The intention is to gain access to corporate resources in everyday life , such as email , file servers and databases , such as personal wealth of applications and documents. From time to time I like also to say, it should be BYOA, Bring Your Own ANYTHING! Since, if you choose the right vendor, you can actually get any device to work with the solution.

The concept also includes users who use their personal devices for work purposes outside the office. In addition to the above expressions, are also expressions Bring your own technology (BYOT) and Bring your own Behavior (BYOB) . These express a broader phenomenon , which not only includes hardware devices are , but also used for software, such as web browser, media player, antivirus and write programs etc. )

BYOD is a highly growing trend , and being talked about and discussed at all levels both within and outside the company – perhaps all the way up to the boardroom. Many organizations are affected by the BYOD trend, and there are many aspects to consider. In fact, I recently had a customer meeting where the CEO’s daughter had borrowed his iPad and sendt a bunch of emails from within games on the iPad in question. Now, this kick started their MDM project. 

We will highlight some of the advantages and disadvantages from a business perspective , as well as safety aspects in all this brings trends .

 

Benefits of BYOD :

Productivity

The idea behind BYOD is that employees can gain access to your data whenever and anywhere from their mobile devices . This will naturally encourage increased productivity. If the employee , for example, accessing work email, they will always fall into the temptation to check if there has been an email , or simply respond promptly to an email .

Practical

Instead of having to carry two devices ( corporate and personal device ) , employees will be able to use one device to perform both functions. It is often very convenient for the employee to perform all of their daily tasks, both personal and work from the same units .

Positive for employees

In a competitive market , it is not just the paycheck that matters. Small benefits and advantages attracting good employees and encourage them to stay in business . Companies that allow employees to bring their own tools able to keep on the staff anymore.

Cost savings 

Instead of that company must pay for an additional unit and preferably one service / support contract , the cost will lie with the user. The company can then freely choose whether they want to pay any such service and use . Anyway , a BYOD solution providing a saving of corporate equipment costs .

The benefits are many, but there are also many elements that must be considered in now . First and foremost , no new devices brought into the company without there being a proper risk analysis. A risk analysis should include the following :

  1. Identify the associated BYOD risks that apply to your organization
  2. Help you develop a strategy for mitigating any identified risks
  3. Determine if the identified risks is something you are willing to accept

Not for everyone?

BYOD can in many enterprises directly translates to «Bring Your Own Disaster ” .

Although many businesses will benefit greatly from the advantages of user-driven and self-determined choice of components – there is a small number of users outside (and often many) they clean technology companies that will be able to manage and maintain its unity. On the other hand, more critically, make a security risk before purchase.

The public sector will continue to show the major differences, where users are many and the alternative devices in the network accordingly.

With limited or no ability to manage and maintain the various units – the many generations of hardware and / or software will be virtually impossible for a centralized IT department to handle. More importantly, users will even be able to this and who is responsible for the operation (SNA)?

 

Risk

A risk assessment should identify areas in the environment that need extra attention when you are discussing BYOD. Here are some of the things that should be considered.

1 What software should you use?

From a security perspective, implementing the right software programs are extremely important – both on the server and user level.

2 What resources will you provide access?

If you give access to calendars, contacts and email? If employees have access to the client database?

3 Would you excrete mobile access?

Once you have classified the types of data you will provide mobile access to, you then need to separate the data from the rest of corporate resources and limit unnecessary exposure. How do you make use these data? Will the information be available only via a secure page? Do you have an “in -house» or a third party application that will provide access?

4 How will you deliver data to mobile devices?

As previously mentioned, the choice of delivery method is critical. Whichever method you choose, it is extremely important that the delivery process includes encryption of the data, both in the device on the server and the transport stage. One solution is to install an application on your smartphone or tablet that sets up a secure, encrypted connection to enterprise data servers. Users must authenticate themselves and the information will be sent within the application safe environment.

5 Who is responsible for the devices?

A point that is easy to forget is to consider who is responsible for the devices. If users are using their own device for work and something happens to the device, who is then responsible for the cost of repairing or replacing it?

6 Data protection on lost devices

How will you ensure the protection of your data on the device if it is lost or stolen? Some businesses have a plan that allows them to perform a remote wipe of the device as soon as they discover or are informed of a lost or stolen device. The limitations of remote wipe proves if the device runs out of battery power or not signals. If unauthorized access of your phone, remove the SIM card and put the device in «airplane mode» – the remote wipe option be pretty useless.

7 What devices will you support?

One of the biggest security risks by allowing employees to use their own devices , is that it is almost impossible for the IT department to keep track of all devices and mobile platforms available on the market today . It means that handling updates of antivirus software on mobile devices will be difficult – in addition to providing support on the devices. Can you prepare a list of the types of devices that employees can use at work ?

8 Data Ownership and guidelines

Although the company decides to implement BYOD, there is no guarantee that users understand the responsibility. The company owns the data in the device, and is bound to have some control over its use. If an employee leaves the company, it is natural that the company is undertaking a review of the unit and remove the information related to your business. The same applies if a device is reported lost, as mentioned above, the device can and will be easily removed. It is important to define security policies and guidelines for the use and management of peripheral devices. Be sure to have the law on your side, to ensure that company -related information does not fall into the wrong hands. Ensure that employees are aware of the rules, read, understand and sign such documents.

9 Control of the devices that connect to the network

BYOD should not be seen as if it is “free up» for everyone. There must be specific rules, procedures and controls to ensure the devices that can connect to the network. There is no one method and it is therefore important to combine multiple security features to help reduce risk by allowing external devices to the network.


Cloud Adoption Forced By BYOD with Smartphones & Tablets

Before smartphones evolved to the point, they are at now, BYOD had to be a conscious decision – you had to intend to work from your own laptop, or even compact desktop computer, so BYOD was easier to measure and control for security purposes.

However, as smartphones have become more like computers in their own rate (and large iterations like the Galaxy Note blur the line between pocket-sized mobile phone and fully fledged tablet), it’s simply not viable top prevent people from bringing in their own devices – do you force employees to leave smartphones at home, even your high-up execs?

BYOD Creates More Scope for Reducing IT Costs

The cloud has a variety of benefits which can help to reduce a company’s spend on IT – files are stored remotely, so no need for private servers; no need to personally manage a server as this is done by hosting company; no need for expensive in-house IT staff to provide technical maintenance and security.

However, another knock-on effect when combined with BYOD is also reducing the need for a large number of workstations and desktop machines – which virtually all companies have an unnecessary surplus of. BYOD combined with the cloud means more smartphones, tablets; laptops and even cloud-based netbooks like Google’s Chromebook can replace your traditional workstation. (Although the latter is useless unless it has internet… check out Microsoft’s funny video here https://www.youtube.com/watch?v=-y2mqoDjQXI )

With everything available on the cloud, either private/hybrid or public cloud, there’s no need for a single central workstation device (bought on the company’s money!) All internet-capable devices become your workstation, and your ‘desk’ becomes wherever you’re connected. That’s the power of mobility, and you get users that become more productive in the long run…