Bring Your Own Device (BYOD) programs are certainly a hot trend within organizations across the globe. And what happens with hot trends? People want it and they want it now. Employees are clamoring for the ability to utilize their personal mobile device of choosing for work purposes. Using their own smartphones or tablets that contain personal information, application and data to access and store corporate data and email used for work purposes. It seems like IT departments’ rushing to cater towards these wants is becoming a trend as well, and in some cases employees are bringing in their own devices regardless. Scary!
Organizations need to consider that the challenges CIOs face with BYOD are real, as are the consequences that can come with the risks that personally owned devices bring. CIOs need to mitigate risks that come with inappropriate use, lost or stolen devices and think about the financial and legal implications that come with these risks. In order to do so effective governance and policies need to be put into place, and this is not something that IT departments should be rushing into. BYOD programs should be phased in over time to ensue proper security.
A large part of effective governance and policy development is informing employees and educating them on proper use and the risks associated with BYOD. Often data leakage and malware infection can occur simply because a user is unaware they have done something wrong or are not taking the steps to secure data. As with any type of education and changing how individuals think getting employees to understand proper use can and will take a while especially if the right communication is not made.
Implementing the proper security solutions is also something that will need to be addressed. Mobile Device Management (MDM) solutions that allow IT departments to take inventory of devices accessing the network and adhering to policy should be looked at. Assurance can be had in the fact that IT departments can track, secure, lock and wipe devices with the right MDM solution in the event of human error. This process is not one that should happen over night either though. Choosing an MDM solution blindly is not the right process. IT department need to understand their current infrastructure, what type of devices will be used, how they will be used and the possible risks and threats that can occur before selecting an MDM solution. Each company’s situation will be different and will affect the type of solution that offers optimal security.
Yes BYOD is hot and companies are reporting benefits from implementing such programs, but the proper steps need to be taken. Take your time and if BYOD is a direction your organization is heading make sure to understand the risks associated with it, educate users and implement the proper security solution that fit best with your organization needs and processes.