By the DynaSis Team
BYOD (bring your own device) is becoming an imperative for businesses. As we discussed recently, it is also one of the chief benefits of cloud computing. Yet, with the FCC and FTC recently announcing a joint investigation into mobile device security, BYOD is not a business practice to be taken lightly.
Statistics indicate many employees will engage in risky mobile behaviors, even with corporate devices. Business owners must develop and maintain a functional mobile security framework and then ensure their IT support team or managed IT services provider has the competency to administer it. It should be flexible enough to accommodate the realities of device usage but strong enough to protect business interests. Following are three key recommendations:
- Protect What Matters Most. Organizations should “compartmentalize” corporate assets so that only workers with a high level of clearance can gain access to the most sensitive materials. (Restricting data behind a cloud-based portal is a good solution; controlling access is an even better one.) Notify all personnel of the policy and remind them of the potential havoc that could ensue if they are careless with data.
- Enable “Lock and Wipe” Functionality. Mobile security solutions managed by an IT solutions firm almost always have the ability to wipe all traces of data from a device. Corporate “portal” solutions offered by managed services providers often go farther—with session wipes after corporate data is accessed from a mobile device. Firms that haven’t yet adopted these protections should at least require workers to enable built-in or provider-based remote lock and wipe features for any personal devices on the corporate network.
- Provide Appropriate Response for Infractions. There should be clear rules separating an inadvertent error, such as losing a phone, from engaging in “hacker-style” behavior. (One example is “jailbreaking,” where the user makes system-level changes, prohibited by the manufacturer, in order to install a third-party application.) For innocent mistakes, the business should encourage the employee to report the problem as soon as it is discovered and provide IT assistance if needed. In the later example, the employee should receive a formal warning—with dismissal a potential outcome.
Using BYOD may blur the lines between personal and corporate life, but that doesn’t mean business leaders can’t redraw them.
DynaSis has been providing managed IT support services to Metro Atlanta’s small to midsized businesses since 1992. We provide Availability – making sure your network is up and running; Mobility – allowing your employees world-wide access to your network; and Security – as an Internet security company, we resolve “issues” before they grow into problems. If you want to learn more, please visit www.DynaSis.com, or call us at 678.218.1769.