'Bring Your Own Device' is here to stay - find out how to manage it
What is BYOD? BYOD stands for Bring Your Own Device, and is used to describe the trend of employees or guests connecting their personal mobile devices and computers to the organisation's IT network. It occurs in businesses of all sizes and brings with it its own set of challenges. A 2011 survey found that 40% of devices used to access business applications are consumer-owned, an increase 30% from 2010. A separate report forecast that by 2014, 80% of professionals will use at least two personal devices to access corporate systems and data. The Benefits: There are of course benefits to a business and its employees in incorporating BYOD into its IT strategy. Consumer mobile computing devices are inexpensive when compared to traditional IT equipment. Employers can reduce IT costs as more and more employees utilise their own devices as there is no need to provide and manage as many machines. On top of this, a recent UK study identified that costs actually increase when organisations attempt to restrict employees bringing in their own devices. There is also the productivity angle; a report surveying 1,100 mobile workers found that "employees who use mobile devices for both work and personal issues put in 240 more hours per year than those who do not." Finally, there are also the reported benefits of increased employee morale and satisfaction, alongside improved results around collaboration and remote working. But what are the dangers? "You can't protect what you don't know" is commonly used as justification for not incorporating BYOD. The primary risk is data loss. The nature of this can vary and so too can the impact on the business. Recent studies have shown that at its extreme, the estimated cost to a company can be about £150 per compromised record. There are also the considerable risks of viruses entering the corporate network via consumer devices. It is not uncommon for consumer mobile devices to lack effective antivirus or antimalware protection. Android devices are famed in the media for being at risk from viruses, such as keyloggers, Trojans, alongside other forms of malware. The wider challenge for IT departments is coming up with a comprehensive BYOD policy when there are so many devices on the market, with new ones being released on an almost weekly basis. It is critical for your network's security that the IT department can verify each device attempting to connect to the network, as well as the individual using it. Finally, BYOD challenges IT departments because it can potentially result, if managed poorly, in an inability to effectively monitor the network. This compromises the department's ability to protect business and information assets. 10 Point Plan to Successfully Implementing BYOD 1. Benchmark current usage: Identify what devices, as well as applications, are being used on the network at present. 2. Empower social media: Social media usage has become a key component of many company's business functions. Ensure that employees have appropriate access, if it is a component of their job role. 3. Password management: Avoid allowing user-generated passwords on employee devices. They could leave your network vulnerable. Ensure employee devices are subject to the same stringent password policies that PCs and laptops are. 4. Develop a clear policy: Clearly define for employees what devices the organisation will and will not support. 5. Draw a line between work and play: Confirm employees are fully informed that when accessing the work network on their device they must adhere to company IT policies and monitoring. 6. Employ VPN technology: An effective way to protect the work network is to only support devices that can utilise VPN connectivity. This will safeguard the network, guaranteeing a secure connection to access corporate data. 8. Application control: Clearly define what applications users can utilise on their devices and those that they can't. 9. Segment your network: Make sure any sensitive data resides on a separate network to the one accessible to guests and other non-employees. 10. Keep on top of compliance: What compliance issues is your organisation subject to? Have you got measures in place to handle an employee losing a smartphone or tablet? Could the device be wiped remotely if necessary? ?
Back to Blog