Not many of us notice but there has been a subtle change in recent years regarding how people use their mobile devices. How often do you access your professional mail on your private device? And it’s not just about emails and Skype calls but more and more people find themselves creating or reviewing official documents on their personal computers- something unheard of just a few years ago. Officially, this is called Bring Your Own Device (BYOD) policy. To be clear, this is in fact, a positive change for both employers as well as employees.
The employers have to invest less time and resources in setting up and maintaining office infrastructure- the money they can use to make an application that would compensate for the hardware fragmentation. That is, not all employees are going to have the same device and there needs to be a common enterprise solution to bring them all on a common platform. Yes, building such solutions isn’t cheap but if you compare the onetime cost of enterprise app development against the recurring cost of purchasing and maintaining official devices, the former certainly would have an upper hand.
From an employee’s perspective, BYOD represents convenience and freedom. They can join a meeting sitting at their home, review documents while on the move, and they get to work on devices they are most comfortable with. All of these factors when combined ultimately deliver much-improved productivity.
Less cost, more productivity- two things any enterprise loves the most. But as always, there is just one caveat- security.
The thing is when an enterprise has an in-house pool of devices; they also hire professionals to manage them. There are dedicated system and network administrators who consistently keep track of activities and conduct scans to discover vulnerabilities. In corporate culture, after all, data is power. In the BYOD scenario, it is simply unreasonable to expect employees of such diligent care and expertise in data security.
The point here is, while BYOD offers immense possibilities for enterprise mobility, that doesn’t free businesses of all responsibilities. And to unleash the true potential of this policy, they need to have a proper security framework in place. While each enterprise can create their own security architecture depending on their unique needs, these three pillars would remain common among them all:
This includes measures like device authentication, monitoring the state of the device, and remote access. There must also be a requisite mechanism in place to erase all the data in case the device gets lost or stolen.
This includes user authorization and authentication, auto-backup, permission management, and more.
This includes measures to prevent data loss, prevent unauthorized data transfer or copying and more.
If we try and layout a simple guideline for businesses looking to make the most out of enterprise mobility solutions, it would be something like:
- Mandate strong passcode for both device and application
- Register each device’s MAC address and allow access only on them
- Install virus detection and data protection programs on each of the devices
- Create an encrypted network
If these measures are taken carefully, a majority of security instances can be averted and deliver all the benefits of BYOD policy without any shortfalls.