Subscribe to Dr. Granville's newsletter

Can You Allow BYOD and Still Secure Business Data?

By nature SMBs need the flexibility and productivity that personal devices now offer. But is the company at risk with the fast adoption of “consumer” BYOD practices? There was a time when cool gadgets and slick computers were only found in business environments and the selection was the domain of IT. But today, as smartphones get smarter and smarter and connectivity is available anywhere, more devices are coming into the workplace not from IT, but from users directly. For small- and medium-sized companies, this is especially true. Gartner is predicting that end-users will be responsible for 50 percent of business IT procurement decisions. From what I hear, it seems like the percentage will likely be higher. BYOD (bring your own device) is now common in all sizes of organizations. Should specific policies be in place to address this ongoing practice?

A recent informal survey of 500 IT professionals, conducted by Mimecast, a provider of email archiving, continuity, and security for Microsoft Exchange and Office 365, found 74 percent of the respondents emphasized that the biggest BYOD challenge was managing information security.

“Employee support for consumerization of IT is in full swing, whether business leaders are ready to admit it or not,” believes Orlando Scott-Cowley, senior product marketing manager of Mimecast.

Here are some recommendations from Mimecast for managing BYOD:

  • Provide comprehensive support—Employees will work around corporate IT infrastructure in order to be productive and find ways to leverage their personal devices, regardless of if they’re supported by the business or not. Supporting as many computing platforms as possible will ensure employees are accessing and sharing business data within a secure environment approved by the organization.
  • Focus on data—Seventy-one percent of those surveyed identified their role as a data custodian or someone responsible for locating content and establishing context that is aligned with associated business rules. An organization’s mobile strategy therefore needs to not only enable IT professionals to effectively manage the volume of data, but also provide the solutions that allow employees to securely access and leverage data as a business asset.
  • Enable productivity—Identify the business applications employees rely on—such as the organization’s email or social collaboration tools—and provide mobile and tablet support for these applications to ensure employees can remain productive.

For any size business it is a worthwhile exercise to discover what employees are using within the network and what might be happening outside the network that is work related. If you are in a business that has compliance regulations to adhere to or have proprietary information to protect, BYOD can jeopardize the company through data leakage. Holding educational sessions with employees about malware, data leakage, and what might be against company policy on devices is an important piece of any policy.

What Devices Are Most Popular?

The IT professionals that participated in the Mimecast survey named the specific personal devices they currently own, with Apple and Android devices leading the pack. Although over half (56.3 percent) of the respondents indicated they were working on a Windows PC, 87.3 percent own a device running off the Apple operating system, with 44.5 percent owning an iPhone and 42.8 percent owning an iPad. Android mobile and tablet ownership followed, with 51.3 percent ownership, and Windows and Blackberry devices followed, with 26 percent and 19.2 percent ownership, respectively.

The smartphone market is, quite simply, on fire. IDC recently reported the worldwide smartphone market grew 42.5 percent year-over-year in 1Q12. But contrary to the survey respondents, it wasn’t Google’s Android or Apple’s iPhone in the top spot, it was Samsung.

“The race between Apple and Samsung remained tight during the quarter, even as both companies posted growth in key areas,” said Ramon Llamas, senior research analyst with IDC’s Mobile Phone Technology and Trends program. “Apple launched its popular iPhone 4S in additional key markets, most notably in China, and Samsung experienced continued success from its Galaxy Note smartphone/tablet and other Galaxy smartphones. With other companies in the midst of major strategic transitions, the contest between Apple and Samsung will bear close observation as hotly-anticipated new models are launched.”

Set Up A Policy

With the number of smartphone and tablets flying off the shelves, there will only be more and more of them appearing in the workplace. There are a number of templates available that offer sample BYOD policy options. At the minimum, a BYOD policy should cover user responsibility, establishing security settings, use of passwords, information classification, camera use, email security requirements and the outlining of unauthorized activity.

As with any policy, employees understanding of the policy is key, along with a policy enforcement plan.

E-mail me when people leave their comments –

You need to be a member of Messaging News to add comments!

Join Messaging News

Messaging Events

Security
Tech