The Trend of BYOD - Maximizing Benefits and Minimizing Risk

Read this article to better understand the trend of bring your own device (BYOD), how it affects company IT security, and how to handle it.

April 07, 2014 by Alex Collins, IT Services Consultant

These days everyone has their own laptopiPhone | BYOD, tablet, and smartphone. While it makes sense for businesses to reduce costs by allowing employees to use their own devices, it also brings up some serious IT security concerns. Balancing your business needs with security requirements and employee preferences takes some work. Here’s how you can make it all come together.

IT Security Threats

Some of the first threats people think of are hackers, viruses, and malware. They start thinking about employees using their devices on public networks and installing all manor of software. Then these devices are brought into the work place and connected to your secured networks, only to drag malicious code in with them. These network concerns can be managed by setting up a secure network for trusted devices and a separate network for employee owned devices. However, the more common security threat from employees using their own devices is restricting access.

What happens if an employee loses their cell phone which has access to their company email and contact list? Your clients will not be happy with your inability to secure their private information and your business could lose control of trade secrets. Similar issues arise when an employee allows their children to use their laptop for school work or when the computer is stolen from a cafe table. These security threats are real and your IT services department needs to address them.

IT Services Risk Management

Some basic precautions can be taken to ensure proper security when employees bring their own devices. For one, all sensitive data can be securely stored on a network drive or other cloud storage service. The important thing here is that the data needs to be kept on the network and off the employee’s device so Dropbox is not a good solution here. In the event the device is lost or stolen, blocking access to the data is a simple matter of changing the login credentials. Any data that is transferred to a portable device should always be encrypted so it cannot be read if the device is lost or stolen. These two steps ensure that your company data will be safe even if an employee brings their own device for work.

It can be tough to balance your business needs with security requirements and employee preferences. However, proper planning can take some of the stress out of bring your own device policies. Here are four steps to address the problem:

  1. Separate trusted devices on a secure network from employee owned devices.

  2. Store sensitive data on network drive or cloud storage and be sure to restrict access with individual user credentials.

  3. Change login credentials immediately when a device is lost or stolen.

  4. Ensure any data transferred to a portable device is encrypted.

The All Covered Difference

If your business is currently integrating employee devices or planning an integration strategy, All Covered has experts who can help you create and manage a BYOD policy that would protect your sensitive data and allow for more flexibility and resources in the workplace.