Three strategies for a successful BYOD program

As mobile penetration continues to grow in Australia, more organisations are adopting a ‘mobile-first’ approach to engage with employees and are following a bring-your-own-device (BYOD) approach to rapidly enable the enterprise.

Mobile security requires organisations to carefully plan and protect their data - particularly when implementing BYOD work programs.

The goal is to adopt effective BYOD security policies while not making it difficult for employees to perform their roles. Executed properly, enterprise-wide BYOD programs can reduce technology expenses while increasing end-user productivity and improve morale as employees can use their own devices.

For many organisations, the existing, laptop-based user experience is clunky and cumbersome. For example, users are forced to connect with a virtual private network (VPN) before accessing company documents and networks.

On mobile devices, this process may not be practical if users constantly switch between work and personal tasks.

Companies can implement in-app VPNs and Micro VPNs, which automatically connect specific apps to the corporate network without requiring users to make that connection manually.

Companies can also distribute secure browsers, allowing users to automatically connect to intranet sites or web application servers via internal links, without manually launching and connecting with a VPN.

Without a well-designed and unified BYOD management strategy in place, companies risk exposing their most sensitive data to outside sources while stunting employee innovation. Here are three ways for organisations to adopt a successful BYOD strategy:

1. Maintain transparency

Attempting to hide unflattering aspects of a BYOD plan can backfire. Being truthful about employee privacy rights and enterprise mobility management components fosters a sense of trust between decision-makers and their employees. The technology is designed to protect, and keep secure, corporate information.

At some companies, however, the system may collect employees’ personal location information and personal apps. Successful BYOD programs have privacy filters installed to restrict access to most personal identifiable information.

At the same time, building trust works both ways. CIOs and company leaders should feel confident that employees are responsibly embracing the freedom of enterprise mobility. If at any point the leadership team feels that workers are not handling company data securely, they should have the option to implement stricter BYOD controls.

Additionally, BYOD deployment should complement employee training. It’s a growing trend for companies to teach employees what is and is not acceptable, and which apps require caution.

For example, no employee should forward a corporate document to a personal mail account or take photos of meeting notes if the phone is set to upload all photos to the web and/or social platforms.

2. Maximise the security of employees’ devices

Security is a must for all BYOD plans so that IT professionals can maintain control over sensitive data stored on employees’ mobile devices. Real-time monitoring and remote wipe capabilities, if a device is stolen or lost, are some of the features IT leaders can use to combat security threats quickly and respond to them effectively.

Healthcare and financial services firms have traditionally had the highest security standards, but companies across all industries are restricting the copying and pasting of sensitive information from mail, calendaring and contacts to non-approved applications.

This approach ensures that users cannot send or save important information, whether intentionally or by mistake. The separation of corporate and personal data can help ensure appropriate levels of security are in place.

3. Monitor corporate information consistently

If a security breach occurs, it is important for IT teams to respond quickly and effectively.

Companies often set up automated alerts to notify them in near real-time when a device is outside its predetermined ‘geo’ fence; when a blacklisted application has been installed; or when a user has reached his or her data limit.

Such real-time monitoring capability allows IT teams to identify security violations quickly.

These strategies can help companies adopt enterprise mobility programs that encourage more efficient work processes without creating security risks. The most optimal mobility strategy makes devices secure without impeding employees’ pace of work.

Image courtesy Yagan Kiely under CC.