When it comes to BYOD, how do you balance employee demands with business security?
5 min read
09 August 2017
The last year has seen businesses attacked with different kinds of ransomware – WannaCry, Petya – which has caused many leaders to doubt their BYOD policies. There is a way to ensure better smartphone security though.
To secure or manage anything, you need to control it. For years, IT had control over its domain. If you wanted a new piece of software or phone, you asked IT for it. There was good reason for this. If it went wrong, IT could fix it quickly because it knew the environment so well. But the model of IT having exclusive control has been slowly eroded, highlighted by recent trends like Bring Your Own Device (BYOD).
The so-called “consumerisation of IT” (where technology innovations are largely fielded to consumers first before being implemented by businesses) has turned IT on its head. Employees can now buy the best for their personal needs and download an app in seconds, so they are baffled when their place of work expects them to jump through hoops just to update Office 365.
A reaction to employee’s higher expectations has been the trend towards BYOD. In businesses with a BYOD policy, employees are not just allowed to use their own devices, they are actively encouraged to do so.
Staff generally love BYOD because they can use the technology they want to use and don’t have to carry multiple devices for personal and work use. Businesses love it too, because employees are more productive and they can spend less on new hardware.
But this change in ownership has also eroded the control, and with it the protection, that IT once provided. With cyber security attacks against businesses on the rise – particularly with the recent epidemic in ransomware (WannaCry, Petya, etc) – is it time for IT to take back control?
The most popular device that employees want to use at work is their smartphone – a device which combines ultra-portability, high computing power and 24/7 connectivity. At the very least, a smartphone will have access to the company’s email system, but it could also have access to its VPN and run a number of proprietary apps with direct access into the company’s ERP system.
By their very nature of being mobile, smartphones probably pose the biggest risks to information security. Imagine someone picking up their workstation and walking out the door with it every evening. This is effectively what employees are doing with their smartphones. However, due to BYOD, a large proportion of these devices aren’t managed by IT because they didn’t provide them.
Instead of walking out the door with their office PC, it’s the equivalent of bringing in their home laptop – complete with all the unapproved apps that their teenage children downloaded the night before – loading it up with corporate data and then walking out the door with it.
A third way: Enterprise mobility management
It is clear that when it comes to BYOD, organisations need to balance user freedom with the control necessary for security. In fact, it is essential. A totally unmanaged device with full corporate access is a significant security risk, but most employees do not appreciate their employer taking their new iPhone 7 and loading it up with onerous security applications and restrictive policies. The result? They “go rogue” and don’t tell IT about their new device, undermining the organisation’s security policies in an instant.
Businesses cannot turn the clock back on BYOD, so they must find a way to manage devices that maximises security while minimising interference. The method that many businesses are turning to is enterprise mobility management (EMM), which provides a single dashboard for monitoring, managing and securing an employee’s mobile device. EMM allows businesses to set access controls for applications, data, apps, email and pretty much anything else within any device it is installed on.
Much to the user’s delight, EMM doesn’t bloat s phone with visible corporate controls either and can also prevent an employer from gaining access to their employee’s personal information by separating work and home applications.
The reality is you cannot undo technological innovation. You can only embrace and work with it. Enterprise Mobility Management is the third way for businesses, allowing them to maintain the BYOD policy that has proved so popular with employees while giving back enough control to IT to keep the business safe.
Who knew being in control could be so freeing?
Lorrin White is MD of Bamboo Technology Group