If you let your employees use their own devices for work purposes on the company network or wireless Internet, you might be seen as “the cool boss.” Your employees love this privilege, but this can be a dangerous practice if done so without moderation. Here are some of the many benefits that your organization can reap from a well-thought-out BYOD policy, as well as some of the pitfalls you could fall into if you’re not careful.
It’s understandable to imagine that your team will be getting more done using their own devices for the reason that they are simply more comfortable with certain products. For example, if you force someone who is used to Apple products to use a Samsung smartphone, they might be a bit frustrated until they get the hang of how it works. Furthermore, if you have your employees provide their own devices, you don’t have to purchase devices for everyone who needs them. Even something as simple as a little bit of freedom is invaluable for your employees, but you still want to dodge the many problems associated with BYOD if you want to safely allow it.
Ultimately, the goal should be to implement a BYOD policy that takes security into account, while also allowing employees to do their jobs properly. Here are some features that you will want in your BYOD strategy.
It’s important to keep in mind that not all applications found on the Google Play Store are going to be safe and secure for your employees. You can’t let them just download any apps that they want. The risk of user error could mistakenly expose any company-owned data on the device to threats. Some apps are so sneaky that you can’t even tell they are stealing data from you while fulfilling a different purpose. A perfect example is a flashlight application that wants access to your device’s contacts, email, text messages, and so on. Since apps will usually ask for permissions before installing, it’s an ideal time to see if they are pulling some ulterior motive. Application whitelisting and blacklisting can also help you control which apps can (and can’t) be installed on a device, and what information can be collected by them. When in doubt, have your employees submit their app download requests to IT for review.
An employee losing a device could be a dangerous situation to be in. After all, you don’t know who will find it. For all you know, they could be a hacker or identity thief. If the device contains sensitive information, they may be able to access it somehow. It is situations like these that make remote wiping a necessity for SMBs, especially if employees take your data on the road. Remote wiping allows your business to immediately erase any data located on the lost device, helping you secure your business’ data even in the worst of times.
User Access Restriction
Not all of your organization’s data should be available to the entirety of your workforce. After all, why would the average worker need access to documented information from human resources, or financial data from accounting? You need to ensure that your BYOD policy reflects this kind of thinking by restricting data access according to work role. By doing so, you can limit how much data a potential thief has access to right off the bat. It might not be a perfect solution, but it helps you solidify security for the future--and it beats having your entire data infrastructure available to all onlooking eyes.
Do you have a solid BYOD strategy implemented for your organization? i-medIT can help you choose what’s best for your business. To learn more, reach out to us at 630-549-6199.