If there’s no standardized security strategy, BYOD has a dark side
The “Bring Your Own Device” concept is a great way to let employees work from devices they feel most comfortable with. However, allowing people to access programs and data on devices not strictly controlled by your company can lead to some security risks. However, it
“Stakeholders at the highest levels are the ones that typically violate” because of their seniority, notes Hugo Perez, Managing Director at UDT.
Not only do they put their company in harms way, but if they’re in a regulated industry, they also violate compliance.
In the first of a three part series, we spoke to Hugo and his colleague Darryl Sicker, Cloud Solution Manager from UDT to discuss what it takes to have a solid BYOD security policy, listen below or on Apple Podcasts.
Here are a few ways to keep your company’s data safe in a BYOD environment.
Employees need to know what’s expected of them when accessing work interfaces on their devices, so write out these rules clearly. While jailbreaking or rooting a smart device can open up new possibilities, it also introduces new risks. Furthermore, some apps can potentially lead to compromised data. Make sure employees read the rules, and set up your network to blasklist devices if they don’t meet your company’s standards.
Focus on Permissions
Permission management is essential in all IT environments, but the stakes are even higher with BYOD devices. Creating new groups and ensuring employees only have access to the information they need prevents employees from intentionally or accidentally storing potentially sensitive data on their devices.
Provide Technical Support
The BYOD environment demands that employees abide by certain rules, but some employees may have trouble understanding these requirements. Empower appropriate IT staff members to work with employees on a one-on-one basis. In addition to helping employees comply with company rules, personal help can also ensure employees are more productive.
Strong Password Policy
Using strong passwords is always important, but virtual keyboards on smart devices can make it tempting to cut corners. Configure your software to force users to create strong passwords, even if they’ll take some time to enter. Also, make sure employee phones aren’t configured to save passwords automatically as doing so can lead to unauthorized access.
There are a range of tools designed to manage devices remotely, and these tools are especially helpful in cases of lost or stolen devices. Being able to lock a device if it’s missing can prevent data from being stolen, and remote wiping tools provide even better security. Make sure employees consent to remote locks and wipes if they want to use their own device while working with company programs and data. It’s also worth pointing out that they may lose personal data if it’s only stored on their device.
BYOD devices are a win-win for most companies and their employees, but not having tight control over hardware and software can present potential security risks. Fortunately, the basics of security management can go a long way to ensuring company data is kept safe, and spending time to draft and distribute clear rules will empower employees to keep information secure.
UDT are partner members of Cloud28+, find out more or sign up for free here.