Page 1 of 2
Allan Thorvaldesen is CEO and co-founder of Panorama9. He is a serial entrepreneur with more than 20 years experience in IT and device management. Here, he outlines ways in which to formulate an easy-to-follow Bring Your Own Device policy (BYOD policy).—Jennifer D. Bosavage, editor
When companies let employees use their own devices for work, they benefit from a more engaged workforce. The flexibility makes the organization a more attractive place to work, particularly among Gen Y and Gen X workers. Perhaps most importantly, when employees can check in from their own devices, they will be more productive and connected to their work outside of traditional office hours.
However, the advantages of BYOD policies are often tempered with security concerns and the added pressure on IT to manage and secure a mishmash of devices. Whether you or your customers have a formal BYOD policy or not, chances are employees are trying to use their own Macs, iPads, Android phones, or other personal computing devices on corporate networks.
Related: How to Update a Customer's Data Protection Plan
Here are five easy ways to help maintain the security of networks and data in the new reality of the BYOD world:
1. Ensure that employees don't leave a computer open without a password-protected screensaver.
Data collected by the Panorama9 system shows that on average 23 percent of company computers are left on during the night, and 58 percent of those computers don’t have a password-protected screensaver. That means that anyone – from a co-worker to cleaning staff – is able to walk right up to one of those computers and instantly have the exact same access rights as the real owner.
Regardless of how sophisticated your firewall system, network encryption and server security, if access to an end user device is not physically secure, then your data isn’t secure. Period. Fortunately, the solution is simple and readily available. Any device used to access company data should employ a password-protected screensaver that’s available via any operating system. In addition, an IT management system can easily notify IT when an idle computer is left unlocked on the network.
2. Encrypt all employee file storage.
Along with bringing their personal iPad or computer to work, employees tend to store or share work documents on their own storage accounts such as Dropbox or Box. While that might make it easy for employees to access files from home or share a presentation with a co-worker who isn’t connected to the corporate server, it also opens the door to numerous security risks.
The BYOD policy should make sure any cloud-based file storage is encrypted. For example, Box encrypts data with 256-bit SSL when transferred to and from the Box cloud, and uses 256-bit AES for data at rest. If you find that employees are using their own personal storage accounts, you may want to provide company accounts. That way, when an employee leaves, the data stays with the company.
3. Ensure all employees have up-to-date software and operating systems.
With weekly vulnerability and update announcements, patch management is a never-ending task – one that’s made even harder when IT needs to manage critical devices across a mix of devices, applications, and operating systems.
With the rise of botnets, worms, and malicious websites, patch management has become just as important as having an antivirus solution. For example, the recent Flashback malware outbreak infected more than 600,000 Macs and resulted in two security fixes for Apple’s OS X 10.5 Leopard.
With BYOD policies, you’ve got to make sure that all devices are updated with the latest patches and have the very latest version of any third party applications such as Mozilla Firefox, Adobe Flash, or Sun Java Runtime. Best practices involve automating the update process, rather than relying on employees to perform each install.
