Protect your business: Defending data in the age of BYOD | Dec16 Newsletter
The era of the mobile workforce and the anywhere, anytime worker is upon us. Bring-your-own-device (BYOD) policies are a reality globally. Now it's time to protect your business. According to Gartner, half of businesses will soon rely on BYOD as policy. For many small and midsized businesses, BYOD is already the status quo.
BYOD delivers big benefits, mostly from satisfied employees who are mobile and more productive. On the flip side, challenges arise trying to manage a fleet of miscellaneous devices. Infrastructure and operations are primary concerns, but the priority for most businesses is security. In fact, security is the number one reason many businesses opt out of BYOD programs. How do you protect your data assets when they proliferate to so many devices?
Doing business in the age of BYOD
Mobility is the no-brainer when it comes to efficient communication and accessing business information on the go. Many champion BYOD as a cost-saving tool, especially if capital is limited to invest in hardware and service. It's the intangible rewards, however, that emerge as the biggest rewards. BYOD improves productivity, efficiency, and employee satisfaction. These all positively impact the bottom line.
As many high-tech businesses have demonstrated, BYOD can be a key enabler to maximize competitiveness, innovation, and employee-driven brand evangelism. It's no longer about having just phone or email access but rather the broader range of applications that smartphones and tablets can offer. Employees are more engaged and more productive when left—literally—to their own devices, and they collaborate and communicate better, too. Employees appreciate having workplace autonomy and freedom—their mobile devices give them the autonomy and freedom to function as an employee both in and outside the workplace—key factors when bolstering engagement and retention.
Indifferent to security
While employees favour BYOD, many remain indifferent to the concept of security. With social sharing and mobility, BYOD brings a new set of security challenges to avoid lost or breached data. In 2013, some 87 percent of small businesses suffered at least one security breach. Reportedly, most data breaches initiate internally. The cost of recovery for small and midsized businesses can be in the ballpark of $50,000, and many businesses don't recover.
Protect your business for BYOD: Expect the unexpected
Providing access to network services while protecting your data assets can be complicated. Basic measures will keep your business safe, without impeding employee engagement and productivity. Keep in mind that the worst and least possible outcomes are inevitable. Proactive thinking and unified planning are the best tools to get your company on board for an end-to-end security system that is affordable and easy to use.
- Mobile data management (MDM): MDM software is a first step to implementing BYOD security. This will register and verify all devices connecting to your network, and provide capabilities for monitoring, filtering, as well as preventing and detecting intrusion.
- Company-wide BYOD policy. A clearly defined policy helps get your organization on track and educate users about their responsibilities. Your BYOD plan and policy should be easy to understand and reviewed/updated anually, with key features such as rules about password authentication, an explanation of app and data ownership, liability disclaimers, etc.
- Wipe strategy. BYOD policies should include remote-wiping guidelines, and instructions to follow in the event of a device going missing. Lost or stolen devices, or ones no longer syncing with company resources, need to be cleared quickly to prevent data breaches. Employees should provide consent to cover lost personal information.
- Passwords and authentication. Strong network authentication and password diligence is required at all times, on all devices.
- Software and firmware updates. All devices must be updated regularly. Outdated firmware puts devices at risk. Likewise, regular backups should be encouraged to protect sensitive information.
- Unlocked or jailbroken devices. Unlocked or jailbroken devices are unacceptable risks.
- Clear and regular communication. Make sure everyone understands and cares about your policy, otherwise you'll have serious compliance issues. Emphasize the value of company data and clarify the hows and whys of keeping it safe.
- Enforce the rules. Employees should understand that rules are there for everyone's benefit, and non-compliance puts the whole company at risk. All parties need to be on board. While you don't want to turn people away with harsh penalties, there needs to be a system in place to make sure rules are followed.
The shift towards mobility and BYOD is a permanent redesign of the way businesses communicate and function. The rewards are clear, particularly for SMBs that realize a competitive advantage from supporting an agile and efficient workforce, not to mention the potential savings in hardware and service investments.
Security is a chief issue for all businesses operating in this new era. Plan ahead for unpredictable events, set a clear BYOD policy, and onboard your team to make sure rules are followed and security stays top of mind.