So You Want To Go BYOD?

Blog /So-You-Want-To-Go-BYOD
Bring Your Own Device (BYOD) is the current hot trend.  There are many perceived advantages for allowing your employees to bring their own devices to work and have access to your company resources, but is BYOD right for you? Can you make mistakes when developing your BYOD policies? Can you really let any device connect to your resources?

Let's look at a few top issues that you should be aware of.

What Devices Should My BYOD Policy Include?
BYOD used to mean Bring Your Own [Smartphone or Tablet] Device.

BYOD has now morphed into Bring Your Own [Smartphone, Tablet, or Laptop] Device.  What devices do you want your BYOD policy to include?

What Smartphone And/or Tablet Devices Should I Allow?
Today the market is awash with Smartphone and Tablet choices. If you adopt a BYOD policy that includes Smartphones and Tablets, can you really allow your employees to bring in any device they want, and expect that the device is secure enough?

Not all mobile devices can be secured to the same level.  Apple has built strong and flexible APIs into iOS that allow Mobile Device Management (MDM) vendors to tightly secure, control, restrict, and monitor iOS devices. Google’s Android is very insecure and does not provide many built-in controls.

Vendors like Samsung have made radical new versions of Android to try and make it more secure.

You can either limit the device choice to iOS and a limited selection of Android and Windows Phone/Windows RT devices, or you could use a method of device security called Containerization that I discuss in its own section below.

Will You Allow Laptops?
If you allow your employees to bring their personal laptops, which ones will you allow, and how will you ensure that they are secure? Some MDM vendors do offer laptop management, but you may choose to use virtual machines instead which allow you to create a “company-secure build” of Windows, and have that virtual machine run on personal Windows, Mac OSX, and Linux laptops.

Mobile Device Management (MDM) or Containerization?
The traditional method of securing Smartphone and Tablet devices is to use MDM. This allows the IT staff to have full control over the mobile device if they decide to, or only control the company data and apps.

Your employees may not appreciate that you have full control over their mobile devices and may prefer that you only have control over part of their device, leaving their personal data alone.

Containerization (also known as Dual Persona) provides the same security policy across all Smartphones and Tablets no matter what operating system they are running, and provides personal and company data separation.

Bring Your Own App (BYOA)
BYOA is a movement that leverages the popularity of containerization, but to the app level. You only have control over the app in the container, and not the device. The app is secured in its container, and may have access to data behind your firewall via a secure connection from the container.

Monthly Voice And Data Costs
When you allow your employees to use their own devices, you should consider whether you want to compensate them in some way.

If employees need to travel internationally for work, how will you handle international voice and data rates?

Support Costs
When you adopt a BYOD policy, you will need to decide whether you want to provide support for your employees, and how much support.  Your employees may be bringing devices running multiple mobile operating systems (and in the case of Android, many variants of that operating system).

What type of support will you be offering through your Helpdesk?  How will you effectively train your support staff, and will you need to hire more people?

How Do You Translate Your Current Laptop Security Policies To Mobile?
Most companies already have well-established security policies that they apply to company-provided laptops.

While your may want to simply use those same policies on Smartphones and Tablets that access your resources, it may not be practical to do so. Plan on using a subset of your current end-point polices for mobile.

Conclusion
As you can see, creating a BYOD policy encompasses many different areas, and there are many decisions to be made so that your BYOD policy does not fail.  Making it too restrictive or invasive could lead to rebellion by your employees.  Making it too relaxed could lead to exposed company data or data leakage. Not accounting for all variables could actually lead to an increase in cost, instead of the decrease you were hoping for.

 

Post Date: 3/6/2014

default blog image Craig Johnston

About the author

VIEW ALL POSTS
EXPLORE OUR BLOGS