Whether CIOs like it or not, employees will bring new mobile devices to work and they will use them in their day-to-day work.
Instead of fighting this practice, smart companies are cautiously embracing it for the sake of gains in productivity, flexibility and employee satisfaction.
Companies need to implement well thought-out mobile device security and BYOD policies that do not get in the way of the pace of work but also do not compromise information security.
1. First things first – protect enterprise data and apps
The primary goal of BYOD management in the enterprise is to safeguard data and applications while allowing the organisation the flexibility and efficiency gains of BYOD. To achieve this, security policies and mechanisms must be put in place for enterprise data access from personal devices.
Tight control on who has the privileges to run what enterprise apps from what device helps minimise the risk of data loss or corruption. To protect sensitive information, time window and location based fencing can be enforced for access control.
2. Secure the device
When an employee is walking around with an access point to your crown jewels such as intellectual property and confidential information, precautions are in order to thwart unauthorised access, malicious attacks or inadvertent disclosure due to device loss or theft.
Locking down the corporate data on device via multi-factor authentication, access control, containerisation and capabilities to track and remotely lock and wipe containers on the device provides the gatekeeper protection you need.
3. Ensure personal privacy
>See also: Taking mobility by the reins: the rise and fall of BYOD
Limit location tracking to the boundaries of the work location, except in the case when a device is lost or stolen. Avoid rigid policies in “blacklisting” and blocking apps on the device. Allow apps to run on the device while securing the workspace using geo-fencing controls. Also, ensure that personal device content is not wiped without employee permission.
4. Automate enrollment policies
Simplify BYOD enrollment by using employee credentials for authentication and configuration settings for enterprise access, including the use of VPN and secure HTTPS sessions. A cloud based enterprise mobility management solution makes user self-enrollment easy via link provided by centralised push, email or text.
To protect against malware or virus attacks, security policy should ensure that devices are running approved OS version with all the security patches included.
An EMM solution also brings the capabilities to detect and quarantine infected or compromised devices for a broad range of iOS and Android devices, including jail broken iPhones and rooted Android devices. Enforcing security policies for end point protection on BYOD devices is a critical first step for securing corporate access.
5. Monitor and take action
Real-time monitoring of data access and audit trails help contain the risks associated with BYOD access to enterprise data. Alerts and notifications to the user and admin upon security policy violations should be automatic and corrective actions must be pursued.
Analytics on usage patterns and logs relating to enterprise data access and business related communications can reveal threats and potential security breaches that can be addressed pro-actively, preventing breach or loss.
Sourced from PJ Gupta, CEO of Amtel