BYOD: An Introduction

Bring your own device (BYOD) refers to the policy – adapted by entities – of authorizing employees to carry personal mobile devices like laptops, tablets, and smart phones to their workplace; and to use those devices to access secured company information and applications.

However, market analysis clearly shows BYOD making significant inroads in the business world with 44 percent employees in developed markets and almost 75 percent of employees in high growth markets (such as Brazil and Russia) already using their own technology at work.

Advantages of bringing your own device (BYOD):

Although there is a great debate always brewing as to whether companies should encourage BYOD to employees, studies have shown that employees who are allowed to use their own device in office enjoy increased mobility, greater job satisfaction, and deliver enhanced productivity. Many believe BYOD helps improve employee morale and convenience and at the same time makes the company look like a flexible and attractive employer.

A recent survey by iPass has revealed that staffs using their own device at workplace for both work and personal purpose, put in 240 more hours per year than those who do not have access to BYOD. Moreover, IT department in an organization are known to benefit from BYOD when it comes to ongoing troubleshooting, support and end-user device management; as the onus to maintain their own device now rest with the employees accessing BYOD.

Disadvantages of BYOD

Just like we have some limitations to every good things, BYOD also comes with its own share of disadvantages. There may be concerns related to personal costs, as some employees might be reluctant to invest their own money – expecting the organization to pay for supporting their devices as well.

Calculate enterprise cost and find out if you have the resources to manage BYOD safely and handle the inevitable flood of support calls. Also BYOD calls for securing enterprise control over the mobile devices and applications installed on their network – as certain job functions require access to very sensitive data, and mobile devices are being embedded into business processes such as manufacturing, transportation and retail transactions.

BYOD Tips for Businesses

As Gartner report reveals that 75 percent of businesses now allow employees to bring their own devices, which will increase to almost half the employers allowing BYOD by the year 2017. Here are a few tips businesses should imbibe to avoid BYOD pitfalls.

Create BYOD policy. Many a times it is seen that companies withhold creating a detailed BYOD policy thus making enterprise network vulnerable to data breach or enterprise network penetration. It is imperative for organization’s allowing BYOD to clearly identify in their policies about the acceptable uses of devices, who can use them and the set of conditions permissible.

Avoid treating individual devices like corporate ones. One should always remember that a mobile device owned by an employee for personal and business uses are fundamentally different from that owned by the company. Although device capabilities and supported controls are alike; the difference lies in how they’re used. And this is where a well-designed BYOD policy finds merit.

Never base your BYOD policy on a single mobile OS. In BYOD world, change is continuous – thanks to the burgeoning market for mobile devices. Therefore, it is essential for companies to adopt an agile BYOD policy that can accommodate market change. This change is believed to have the greatest success in boosting mobile business productivity.

Avoid being overtly-focused on devices. Companies initiating some mobile device management (MDM) is the basis of many successful BYOD initiatives. However, employees must understand that an employer’s goal in implementing MDM is not exactly to manage the devices, but rather to enable safe device use. This will imply to monitoring access to storage of business data and applications, while giving employees the liberty to freely access personal data and applications.

Be aware as to who is accessing your network and your data. Allowing BYOD calls for certain monitoring and review as to what accounts are active for your email service, your VPN, intranet applications with their own user databases, etc. Have you seen many unsuccessful logins recently? Although, this may not be specific to mobile devices, yet you should be aware of all the openings on your network.

Identify what data can be remotely accessed. Companies allowing BYOD, should identify and segregate normal job information from high-sensitivity organizational information being shared on the BYOD network. Therefore, it is important for companies to prioritize the relative risk of the data that can be accessed through each portal to the outer world, and to put more effort into controlling access to those places that have the most sensitive data.

Always use a management and/or audit tool. The most basic way to ensure that employees are safely configuring their devices as per the Company BYOD policy would be to educate them on how to do this and request adherence to the policies. But there are potential problems with this approach – as employees (many a times even diligent ones) might tend to forget and drift away from adhering to the rules making company information susceptible to harmful networks.

BYOD Security

Call it a boon or bane of the smart device era, most employees are increasingly using their personal smartphones and mobile devices at work – making BYOD security a matter of concern for IT teams. Organizations allowing BYOD are working on implementing a strict BYOD security policy that clearly outlines the company’s position and governance policy. This they believe will facilitate better management of these devices, while ensuring that network security is not compromised by employees using their own devices at work.

Most companies are addressing BYOD security by configuring with passwords, prohibiting specific types of applications from being installed on the device or by ensuring that all data on the device are encrypted. Other BYOD security policy initiatives may include limiting employee activities on these devices at work, like for instance limiting email usage to corporate email accounts only) and periodic IT audits to ensure the device is in compliance with the company’s BYOD security policy.

Does your Company have a BYOD policy?