The exponential growth of the number of mobile devices in recent years has caused a shift in the way we work and communicate. Bring Your Own Device (BYOD) policies are a result of this change, enabling employees to work anywhere at any time, all while using their own personal device that they pay for. While these policies are popular, they can be difficult to manage securely and effectively. To that end, we’ve put together a list of tips to help you create a better BYOD policy.
Outline the Policy Before Acquiring Technology
Like most other IT projects, it’s best to have a comprehensive plan before implementing it. A BYOD policy doesn’t solely affect IT, so it’s important to take other departments that use mobile devices, content, and applications in the workplace into account when planning. Because the needs of users are diverse, the policy must be able to serve each individual. In order to do this, consider which types of devices will be supported, what security measures are required, which apps will be whitelisted, and if your business will pay for the data plan.
Identify Which Devices are Accessing Corporate Resources
It’s probable that you have more devices with access to your network than you’d like. However, it’s necessary to fully understand the extent of the population of your mobile devices before committing to your strategy. In order to do this, consider implementing a Unified Endpoint Management (UEM) solution. This will enable you to manage all device types (laptops, desktops, smartphones, wearables, tablets) on a single platform, simplifying the management process.
When you’ve determined the devices you’ll be enrolling, use technology that allows for scalability that will reduce the number of manual processes during enrollment. In addition to this, being able to enroll devices in bulk or allow users to self-enroll would be helpful in the process. There should also be a basic method of authentication such as a one-time passcode. Additionally, if new devices attempt to access corporate resources, they should be quarantined. This allows IT to initiate a proper enrollment if the device is approved, or block it to ensure compliance. Detailed and understandable instructions will also assist users with enrolling in the BYOD program.
Separate Personal Information and Corporate Data
When an employee leaves a company, any corporate applications, documents, or other data should be protected by IT. However, personal apps, emails, and photos should remain untouched. This is accomplished through the use of containment technology, which is available from some Enterprise Mobility Management (EMM) solutions. Users and IT will both gain freedom as a result of this process. For example, with this technology, IT can perform a selective wipe of the device, or wipe the entire device in the event that it is lost.
Monitor Devices for Noncompliance
Ensure that all devices are compliant with any regulations you have to follow by monitoring them continuously with automated policies put in place. These policies should take into account the fact that users may try to remove corporate management from their mobile device. As a response to this, restrict their access to corporate resources. Users could also attempt to bypass operating system restrictions by jailbreaking their device. This puts that device at risk of being targeted by a malware attack. If a device is jailbroken, the container, corporate apps, and sensitive data should be selectively wiped.
- Gartner Announces Unified Endpoint Management Tools Peer Insights Customers’ Choice Winners - April 22, 2019
- Microsoft Acquires Express Logic to Accelerate IoT Development - April 19, 2019
- Standalone MAM vs. AppConfig MAM: Pros and Cons - April 18, 2019