What BYOD Means for the IT Team
BYOD, which stands for Bring Your Own Device, has proved popular with employees who feel comfortable using their own familiar tablets, smartphones and laptops, rather than company-owned devices. Empl...
, which stands for Bring Your Own Device, has proved popular with employees who feel comfortable using their own familiar tablets, smartphones and laptops, rather than company-owned devices. Employers also recognize the benefits of a BYOD policy in terms of improved mobility, productivity and increased customer satisfaction.
Mobile productivity is important with more employees choosing to work from home or needing to remain in contact when they are away from the office. They can use software apps on mobile devices that support advanced solutions like Voice over IP () or Unified Communications and access the full range of telecoms services.
But, for the IT team, BYOD represents a major challenge. They have to ensure that any corporate data on a BYOD device is secure. Achieving the right level of security across so many different devices, models and apps can stretch IT resources and divert them from more strategic tasks. And, they have to balance security of corporate data against the privacy of an employee’s personal data on the same device.
It’s no real surprise that a number of new initiatives are gaining popularity as alternatives to BYOD. These include COPE – corporate-owned, personally enabled – and CYOD – chose your own device. With these initiatives, IT teams aim to get back greater control of the devices and data in use while giving employees some of the freedom they enjoyed under BYOD programs.
For businesses that continue to offer BYOD programs, security remains the number one consideration. Employees may prefer their own devices because they are familiar with capability and operation. And, their devices may be higher specification, compared to a company device.
They use their devices to send and receive company email, access corporate databases and applications, and make calls to customers, colleagues and business partners. That’s when it becomes a problem for the IT team. With corporate devices, they can secure the data to their preferred standards, apply security patches and upgrades, backup critical data and control access. If the company is subject to compliance regulations, that level of security is vital.
But, with BYOD devices, it may not be possible to apply the same standards for two reasons. The team may not have the skills or resources to configure security on a wide range of different devices. The second reason is that it may not be possible to apply security to a dual-purpose device that includes both corporate and private data.
The privacy issue becomes even more critical if a BYOD device is lost or stolen. With corporate devices, IT teams have the capability to remotely wipe data before it is compromised. But, wiping personal data such as photographs or identity material on a BYOD device could damage employee relations and potentially lead to legal action.
Regaining security control
IT teams have responded to the security challenges in a number of ways. Some set up guest networks that allow BYOD users to access a limited range of corporate data that carries lower risk if it is compromised. Others run a(virtual private network) which enables users away from the office to access corporate data and applications over a secure network. A third approach is to outsource BYOD security to a specialist firm with the skills and resources to secure the many different devices used in a company.
While BYOD remains popular, initiatives like COPE or CYOD may prove more successful in maintaining the balance between freedom, productivity and security. With COPE, the business owns and secures a standard range of devices to corporate standards, but allows employees to use part of the device to store their own data.
That gives the IT team the ability to carry out the full range of security operations across a limited range of devices. They do not have to recruit additional staff or outsource security to cover the wider range of BYOD devices.
CYOD gives employees a greater element of choice by allowing them to choose from a variety of devices that are approved by the company and secured by the IT team. Here, the employee pays for the device, but the company owns and controls the SIM card.
Long-term future for employee choice
By adopting one of the programs, businesses can gain the productivity and mobility benefits of BYOD while minimizing the risks. With research firms like Instat forecasting a tenfold rise in business mobile use between 2013 and 2023 and Juniper Research predicting more than a billion devices used in BYOD or equivalent programs by 2018, it’s essential to get the security basics right.