• Consumerization of IT and BYOD: An Inevitable Change (Part-2)

    In the first part of the series we covered the important factors behind BYOD growth. In this last part of the series we cover the essential elements and security management of a BYOD program.

    Essential Elements of a Successful BYOD Program


    Define goals and strategy: One of the most crucial steps towards creating a BYOD program is to define a strategy right from the word go. You need to be very clear about how you will implement mobility; you simply can't afford to face the consequences of blindly emulating a BYOD program without applying strategic thought behind it. Here are quick questions to ask:

    • Why do we want to implement a BYOD program?
    • What is our ultimate goal?
    • What benefits do we aspire to realize?

    Narrow down on devices and operating systems: It is an uphill and nearly impossible task to support each and every new smartphone and tablet that hits the market. You need to support specific devices and systems. Your decision should be driven by your employees' needs and the use of devices in your organization. By narrowing down on devices, you are likely to alienate a few employees, but the more platforms you try to support, the more complex the maze becomes. To begin with, you can support a few devices and expand over a period of time. It is important to consider the advantages and disadvantages of the various platforms, then select and prioritize the options acceptable to your organization from a security perspective.

    Select applications: Your next step is to decide which data and applications will be accessible to employees. It is important to determine levels of accessibility for high-priority users instead of all employees. Email and calendar applications are the most common applications. BYOD policies should place restrictions on the types of apps used to access corporate resources such as email and calendars. Blacklisted apps, such as gaming apps known to be productivity-busting, should be blocked from use during the workday. There are several MDM solutions available to monitor BYOD apps.

    Ensure network preparedness: Network management is one of the most important, yet overlooked, aspects of a BYOD program. A growing number of users and voluminous data transfer will demand robust network capabilities. As networks grow, the chances of security lapses also increase, and these increased risks make network preparedness all the more necessary.

    Security Management: Backbone of BYOD

    While you can implement tools and deploy teams to ensure that your corporate data is not compromised, you also need to create security policies enforceable in a court of law to help protect your organization from threats. It is very important to create mobile security policies under the guidance of attorneys and IT staff. Such policies should clearly cover the mobile devices and operating systems supported by the organization, the level of support, and the privacy policy, among others. Terms such as remote wipes should be defined in case the device is lost or stolen or the employee's position is terminated. The policy should also state the activities the organization will track and monitor. In addition to such contracts, you will have to regularly and proactively educate users to download apps from trusted and verified sources and to take timely action, such as virus scans, to protect the device.
    Here are the best practices to tackle security issues in a BYOD environment:

    #1 Mobile device management (MDM)

    MDM takes a complete approach to securing and controlling BYOD devices, be they smartphones or tablets. The IT team can secure a device by enforcing a passcode or by remotely wiping a lost or stolen device to keep sensitive information from falling into the wrong hands. Other basic features of MDM tools include the ability to enforce policies and perform real-time monitoring. MDM tries to address data security issues entirely from the perspective of the IT organization, whose main priority is keeping confidential information from falling into the wrong hands or being compromised. However, MDM can come across as a very rigid or heavy-handed approach, especially when employees own the device.

    #2 Mobile application management (MAM)

    Mobile application management (MAM) offers more granular controls. MAM gives IT the ability to manage and secure only apps that were developed to function with a particular MAM product. This approach deemphasizes the device and sets policy at the application level. For instance, IT could wipe an employee's access to corporate email without deleting his personal pics. In fact, IT would not even know that such pics exist on the device. MAM tries to address the heavy-handed approach of MDM and solve the problem from the perspective of a BYOD user who wants control over individual apps and does not want to give IT full authority over a personal device.

    #3 Device Wipe, Lockdown, and Encryption

    The portable size of smart devices makes them vulnerable to theft and easy to lose. In such cases, you need a strong mechanism to protect corporate data from falling into the wrong hands. Wiping or deleting data from the device after a certain number of invalid login attempts can help reduce the threat to data. It is highly recommended that either the end user or an administrator initiate a local wipe when a device is reported lost or stolen, or when an employee leaves the organization. Furthermore, automatically locking a device after periods of inactivity can also help reduce security risks. Encrypting the data on mobile devices provides an additional level of security.

    Cloud + BYOD = Security Beyond Devices

    According to a global survey of CIOs by Gartner, Inc., nearly 40% of enterprises would stop providing devices to their employees. This would have been practically impossible and unimaginable a few years back, when employer-provided BlackBerrys were considered the norm at many corporations, large or small. BlackBerry's level of encryption was miles ahead and remained unmatched compared to earlier versions of Apple and Android devices. But fortunes changed quickly: Android and Apple grew to capture a whopping 95% of the U.S. consumer market combined. The rise of Android and Apple devices among users, and the high levels of encryption to prevent phones from being hacked, also fueled the BYOD movement and the subsequent decline of BlackBerry. But there has been a silent hero of the BYOD movement: Cloud.

    Constantly changing and improving cloud storage technology allows employees to access confidential information from any device, anytime, anywhere. Cloud provides the much-needed secure framework for BYOD. This option also turns out to be a savior for the IT team, easing the pressure of managing upgrades and service plans and of supporting multiple devices.

    Wrapping Up: Remember, the success of a BYOD program ultimately boils down to user experience. You need to strike a balance between corporate needs and employee privacy. Communicate and clearly explain BYOD policies. Make it abundantly clear that you are not interested in personal data, but are focused only on safeguarding the organization's interests. Winning the trust of employees is a key building block for the success of BYOD.