Apple, Android, Windows Phone. Ask any of your employees and they’re likely to express a personal preference for – and own – one of these devices. They’re also likely to bring it to work with them on a daily basis and use it for work – often in preference to devices that your organization may officially supply them. What this means for organizations is free devices and less hardware to maintain. What this means for network administrators is a strategy to secure the network.
According to a 2013 report by Ovum*, around 37% of employees in the United States use their own devices at work, regardless of the official policy. And it probably comes as no surprise that your IT staff are likely to be leading the charge. According to the report, well over 80% of IT workers practice BYOD, very closely followed by Customer Service and Sales staff.
And although the global average rate of BYOD is around 56% across all industry verticals, IT and Telecoms; Entertainment and Financial Services all have a higher percentage than the average. Even Federal Government hasn’t escaped the onslaught.
Regardless of what employees bring to the network, whether it’s a notebook, tablet, smartphone, PDA, or other portable device, you will need to develop a BYOD strategy. These devices must be managed and secured to address your company’s security standards and mobility needs. Employees should not be discouraged from BYOD but rather encouraged as long as they abide by the strategy. Maintaining a solid BYOD strategy is key to maintaining a company’s business flow and operations. Anytime a foreign device is used to conduct business it must comply with network and security standards to avoid spillage and other threats.
BYOD business solutions
Various solutions are available for BYOD friendly networks. Each one should focus on different challenges. These solutions should consider securing email, contact lists, calendars, and applications for use by employees with secure endpoint management.
With cloud computing, companies can extend their mobile security and simplify application deployment. You can develop cloud based applications your employees can freely download and use on their mobile devices with the comfort of knowing it will be secure regardless of the device it runs on. Custom applications can keep your employees connected no matter where they are with secure encryption and password protection.
A solution to optimize your network with BYOD strategies would improve your workload capacity to support more mobile devices. These strategies can ensure adequate bandwidth to promote a productive workforce. You can secure your data and application processes from any mobile device throughout your network with a business ready, employee centered solution that includes secure remote access through secure VPN tunnels that are policy enforced.
Modernizing your applications into a mobile solution will enable business applications for mobile devices your employees introduce to the network. If you modify your existing mobile applications to be compatible with Android, Windows mobile, and Apple you can use desktop virtualization to deploy your lines of business applications to your employees. You can also tailor these for your customers as well which will generate more revenue by expanding your customer base.
Encouraging employees to BYOD
Employees feel more comfortable using their own devices. After all it is their own personal device which they already know how to use so no training is required. By allowing and encouraging BYOD, employees not familiar with company issued devices are more productive and are more apt to upgrade their devices more often.
Saving money and offering incentives
BYOD programs can save money by shifting costs to employees who are already paying for their mobile devices. Incentive programs can encourage employees to upgrade faster and more often if they have a corporate discount on their mobile devices. With the option of replacing a company issued device by offering discounts and encouraging employees to use their own, companies can free up funds for other areas in the organization.
Successful BYOD strategies require a strong separation of personal and corporate information. This can be established through proprietary apps and network segments dedicated to BYOD users. Network administrators can develop group and user policies specific to BYOD employees. These policies can be deployed to appear seamless to the user while maintaining the integrity of the network.
By offering employees a BYOD program, companies can also reduce their risk of hardware failure, loss, and repair. With written policies telling employees they are welcome to participate in the BYOD program but by doing so with their own personal devices the company does not incur the risk or liability if their device is lost, stolen, or damaged, companies can expect to see growing savings every year. People may be more likely to take better care of their own personal devices than company issued devices anyway.
Monitor telecommuters and ensure employee safety
Companies can also keep better track of their employees who use their own devices rather than company issued devices. Many employees who have no need to take a company issued device home will likely leave it at the office. An employee who uses a personal mobile device for both work and home use will likely carry the device with them nearly everywhere they go. This allows companies to keep their employees more accountable and to stay in touch in case of emergencies.
Companies can ensure the safety of their employees by means of enforcing a “no texting while driving or operating heavy machinery” policy while using their device for business. This type of policy can create a safe work environment for telecommuting employees. By developing tools such as time trackers, companies can also ensure their employees log the correct amount of hours every week. These policies can benefit both the employee and company by providing the flexibility of working from home to allow employees to take care of personal things while keeping track of tasks through accurate time logs.
Supervisors can get a better grasp of what their employees are doing during the time they are not in the office. This is not unreasonable since employees are expected to be accountable during the time they are in the office so why should they not be accountable when they are not in the office charging hours to the company? Just because a company allows employees to BYOD does not mean they are not held just as accountable as those who don’t take advantage of the BYOD program.
Not only can this accountability benefit supervisors it can benefit coworkers of BYOD employees as well. Team members can easily reach out to their coworker who may be out for the day if they need a certain document by reaching them at their personal device. This connectivity can help a team be more productive and achieve more throughout the day instead of waiting for a colleague to return from a vacation or sick day. Close-knit working groups depend on everyone involved to participate and communicate constantly so daily meetings and video calls to fellow team members more readily available through their personal devices makes a group more productive.
Understanding the risks
When employees use their own devices for work they bring risk to the network through file sharing outside the office. This can make it difficult for IT to maintain control of the network. This risk can be known as the “consumerization of IT” which involves third party cloud services and aps such as social media and cloud storage. This trend is fed by allowing people to work anytime, anywhere. This includes mobile device management, data protection, network security, and other threats.
By understanding this risk, companies can take precautions to defend against network vulnerabilities. By properly managing company data and limiting the company’s liability on personal devices, companies can mitigate these risks. Much like strong security policies protect a company’s existing network, strong BYOD policies can provide the same security.
Social engineering has almost always been a threat to network security. BYOD users are just as susceptible to these attacks. Hackers and criminals can fool employees into installing malware on their devices by posing as company IT technicians contacting them and requesting access to their company proprietary applications or access. BYOD employees have almost double the risk of social engineering attacks through not only social networks such as Facebook and Twitter but also by professional networks.
Criminals can use social networks to find out where an employee works and research that company to see if they have a BYOD policy and use that information to attempt a social engineering attack. Companies should discourage their employees from posting status updates indicating where they work or that they are using their personal device for work. By keeping such information private, the risk can be reduced quite a bit.
BYOD Management solution
While BYOD has become a growing challenge in IT management, solutions are available through System Center 2012 SP1 and Windows Intune. The latest releases can provide a combined enterprise management solution for BYOD mobile devices including Apple, Windows Phone, Windows RT, and Android. System Center Configuration Manager offers a unified console to manage inventory, compliance policies, and applications for various devices to maintain a balance of flexibility in mobile devices with controlled management.
Next week we’ll look at ways organizations of all sizes can easily manage BYOD in the workplace.
Contact Agile IT’s BYOD experts today for a free consultation.
- “Solving the hidden network challenge of BYOD”, Ovum. Published 06/2013