The ABCs of BYOD

    BYOD continues to remain top of mind in the workplace. While many in IT see BYOD as a necessary (and that’s debatable) evil that opens the network up to incalculable security risk, users see it as the next logical step for their productivity and efficiency. In some cases, users even go around IT altogether if BYOD is not permitted. The right BYOD program depends on the unique needs for a particular organization. But no matter what sort of program is implemented, it shouldn’t be done without first setting up a series of guidelines and best practices. Employees need to understand what will and will not be expected and tolerated from them when using their personal devices both inside and outside the office.

    With summer vacations coming to an end, now is a good time to take a fresh look at implementing and managing a BYOD program. The following ABCs of BYOD, identified by LANDesk Software, provide you with some do’s and don’ts, pros and cons, for your BYOD program.

    The ABCs of BYOD - slide 1

    Click through for some best practices you should consider for your BYOD program, as identified by LANDesk Software.

    The ABCs of BYOD - slide 2

    Organizations will need solutions that employ agentless discovery capabilities to proactively intercept devices and take the necessary steps to deny these devices access to infrastructure and data.

    The ABCs of BYOD - slide 3

    Organizations must have the capability to lock down employees’ devices whenever a threat is detected. This can include anything from remote wipe to sandboxing. Whatever the method, ensure that employees utilizing BYOD understand what the policy is.

    The ABCs of BYOD - slide 4

    Whether it’s a personal laptop running an old version of Java or a phone running an antique operating system, older systems have more security vulnerabilities than newer systems, typically. Maintenance and patching of these devices will insure the safety of enterprise data.  

    The ABCs of BYOD - slide 5

    This will create chaos in your BYOD environment. It will make it more difficult to control and manage device access and distribution of data. Limiting the BYOD program to a small number of the most popular platforms can reduce this chaos.

    The ABCs of BYOD - slide 6

    By enabling BYOD, you give employees more control over their technology and, by extension, enabling and repairing that technology. Empower them by ensuring they understand what the guidelines are for doing so. In turn, this will increase productivity in the work environment and free up more time for IT to work on business-enabling projects.

    The ABCs of BYOD - slide 7

    It is important to segment users into groups and assign these groups based upon characteristics of data they need to access. This makes it easy for IT to maintain control over corporate data and information.

    The ABCs of BYOD - slide 8

    When employees travel internationally, be sure to check up on possible legal issues they may encounter with a BYOD device. Germany, for example, does not allow employers to track locations through a device. This may not be disabled by default.

    The ABCs of BYOD - slide 9

    This will become especially important if a user’s device is lost or stolen. By allowing them to find out where the device was last located and find it themselves, IT not only empowers them, but also ensures they (and not the company) take responsibility for the loss of any personal data. Remember, users are just as concerned about their personal data as the organization is with their corporate data.  

    The ABCs of BYOD - slide 10

    Understand industry regulations and how BYOD fits into the equation. Different industries have different tolerances for risk that must be taken into account when deciding to implement a BYOD program and crafting the BYOD policy.

    The ABCs of BYOD - slide 11

    Before implementing a BYOD program, have a thorough understanding of the costs and risks that will be involved. Many organizations mistakenly assume that because the user purchases the device, not the corporation, money is saved. This is not always the case. Be sure to have a complete picture of where money will be saved and spent in a BYOD program.  

    The ABCs of BYOD - slide 12

    It’s important to understand that a BYOD program is about enabling users to work in the way that is most productive for them – and in turn, the company. It’s not about saving money on device purchases, but about enabling productivity and efficiencies with the end users. Other reasons include harnessing users’ comfort level with technology, empowering users to make more decisions themselves, and reducing support costs.

    The ABCs of BYOD - slide 13

    While most users will conform to the standard devices and operating systems, limit BYOD to a handful of supported platforms to ensure the safest and most manageable option.

    The ABCs of BYOD - slide 14

    When implementing a new BYOD policy, it is important for the company to develop a thorough plan catered to the needs of their organization. This plan should detail all possible sceneries and solutions, in an attempt to clear up confusion and guide employees to follow this policy.  

    The ABCs of BYOD - slide 15

    Some BYOD policies are not well managed, while others are overly restrictive, reducing the benefit derived from BYOD. It is important to develop the right policy that suits your organization and ensure that users are aware of and fully understand the policy.

    The ABCs of BYOD - slide 16

    Recent surveys have suggested that employees don’t always trust their employer with their personal data on their BYOD device. Open communication will help bridge the trust gap between employees and the employer.  

    The ABCs of BYOD - slide 17

    It’s important to be able to block devices from gaining entrance to sensitive or confidential corporate information. Not only does this ability help with compliance for many industries, it is critical in cases where a user device is lost or stolen.

    The ABCs of BYOD - slide 18

    When a BYOD program is added, there is the likely risk that users will bring devices onto the network without informing IT to ensure the devices are properly managed. To help mitigate that risk, ensure that the default isn’t to trust everything on the network, but to only trust approved devices and applications. This ensures the system remains secure. 

    The ABCs of BYOD - slide 19

    Be sure to have a complete understanding of the risks associated with a BYOD program and how it will affect the organization. Have plans in place to deal with lost, stolen or otherwise compromised devices. Ensure employees understand these policies and how it may affect them and their personal data.

    The ABCs of BYOD - slide 20

    Every unmanaged device is a potential gateway of insecurities. Be aggressive about updating policies, systems and patches to match the latest threat vectors to ensure that BYOD doesn’t become BYOV (bring your own vulnerability).

    The ABCs of BYOD - slide 21

    This is one of the primary advantages of BYOD. Users feel comfortable with their own device and will be the most productive with technology they have experience using. They can also eliminate some of IT’s workload by repairing their own issues, freeing up IT to work on business-enabling projects.   

    The ABCs of BYOD - slide 22

    By segmenting users into a small number of groups based on the information they need to access, risk is reduced by only allowing each user access to the information they need to be successful.  

    The ABCs of BYOD - slide 23

    Users will keep personal data on the devices they use for work. Ensure there’s a way to segment the data from corporate data to personal data. More and more stories are cropping up involving users suing employers for the removal of personal data from devices used for corporate purposes. These lawsuits are expensive. Avoid them by segmenting data.

    The ABCs of BYOD - slide 24

    Companies can’t allow any device, at any time. Companies should develop a core set of standards for employees to follow. This policy will be crucial to move forward in a BYOD deployment to ensure the company’s sensitive information remains secure.

    The ABCs of BYOD - slide 25

    Executives are likely to bring their own devices to work, regardless of IT’s consent or approval. Once this happens, use the policies put in place to secure both executive and end-user devices.

    The ABCs of BYOD - slide 26

    While many if not all employees will keep personal information on their business devices, it’s important to remember that the company does own the corporate information. Once it’s segmented, lock down the data that belongs to the company to ensure it stays within a controlled environment. Controls are important.  

    The ABCs of BYOD - slide 27

    If IT isn’t careful, the BYOD environment can quickly become a zoo. Avoid that through clear and consistent communication with users, strong and enforceable BYOD policies and employee education to limit the chaos.

    Get the Free Newsletter!

    Subscribe to Daily Tech Insider for top news, trends, and analysis.

    Latest Articles