“Bring your own device” (BYOD) is a popular system that many companies have implemented. It allows employees to bring in their own devices instead of using company-issued ones. Last week's article, “Security Analysis of Bring Your Own Device”, looked into the potential for a security breach associated with such a program. This week's article discusses ways to lower the potential risk within BYOD companies.
Create and/or Review BYOD Policy
A BYOD policy must be created as soon as possible. In a typical work environment, employees will want to use their personal devices over work ones. IT management must have policies in place regarding personal devices on the company network, as well as work-related data on personal devices.
If a BYOD policy already exists, ensure it is reviewed annually, as the tech landscape changes rapidly. New operating systems, programs, and devices must be tested before being allowed the same access as proven systems.
Security is Top Priority
As with any policy relating to potentially sensitive data, security comes before ease of access. Any user of potentially sensitive data must accept that there will be compromises made in order to be allowed access to the company data. Consider making users of a BYOD system sign a contract, making them responsible for upholding security. These compromises could consist of:
Delayed access to updates that change the core functionality of a device (such as operating system upgrades)
Limited supported device library
Limited BYOD support depending on role within the company. A trusted executive may not knowingly reveal sensitive data, but his device is a target for viruses and snooping software.
Block access to open and unsecured networks, such as public ones at coffee shops or malls. If those networks must be accessed, then make use of a private VPN mandatory.
Create List of Supported Platforms
Not all platforms are equal in terms of security. On a security level, closed ecosystems are much more favourable than open ones. Both mobile and computing platforms are also highly fragmented in terms of features and support. Ensure that each platform is verified on an individual basis.
Mobile Device Management
Smartphones and tablets are the source of highest risk for leaking sensitive data, since they have the highest chance of being stolen or misplaced. At the very least, you’ll want the ability to:
Remotely wipe the device
Mandatory Password Protection and Encryption
Reinforcing the idea that security is top priority, ensure that all devices, mobile and desktop, utilize password or PIN protection. If possible, devices should also encrypt their data. Apple computers running OS X 10.3 or later, or Windows computers running 8.1 or later, have built-in encryption settings that are easily enabled to improve security.
BYOD is an attractive idea that has become commonplace in many companies. It is not without significant security risks, which must be addressed before implementing a BYOD system. A BYOD system can remain most secure with a proactive approach to security and by ensuring that policies remain current and relevant. If this approach is taken, then a company can be confident that its data will remain secure.