From a user’s perspective, bring your own device (BYOD) to work is ideal – it provides users access to all of their personal apps and data, while using work apps and data on their devices as well. However, to an IT administrator, this scenario can sound like their worst nightmare! From IT’s viewpoint, BYOD could mean that the company network could be infected by a user’s personal device, or a user could walk off with company data, or their device could be lost or stolen. The nightmare goes on and on. But, with the right safeguards put into place, this BYOD nightmare can come to an end for IT administrators.
Written Mobility Policy
First of all, a clearly defined written BYOD policy should be put into place at every organization, so that allowable BYOD usage is specified from the start of employment. This policy should be comprehensive, including these and all other facets relevant to your organization:
- Provide a list of approved BYOD devices
- Communicate that all devices need to be registered with IT, so that device management policies can be put into place
- Decide which employees get to bring their devices to work
- Identify who pays for devices (company or individual)
- Are devices with photo and video capabilities allowed?
- Define device support – through IT department or through device or service vendor?
- Invoke best practices:
- Implement password protection on all devices
- Provide immediate notification to IT management if devices are lost or stolen
- Determine which mobile apps are allowed
- Enable acceptable use policies for internet usage home vs. work
- Define consequences for not complying with the policy
- Include this policy as part of the employee handbook
Mobile Device Management Software
Secondly, the implementation of Mobile Device Management (MDM) software on all personal devices used in the office will provide IT the control it needs to guard against security breaches and data leaks. This type of software can enable administrators to manage multiple devices via one central management interface. The interface can be used to secure devices and allow IT to manage and monitor all mobile devices.
When determining which MDM software package to use in your organization, IT should consider which software is already available onsite that can be utilized for parts of this process. For instance, can AD or group policy be used to control BYOD access or can these devices be restricted via IP or name through your firewall or router? Next, IT should determine which safeguards should be put into place to keep compliant with the corporate mobility policy. A list of requirements should be compiled that may include: management of device emails, content management, privacy and data compliance, reporting, and more. The MDM software should also likely include the ability to remotely wipe data, enable data encryption, and provide data archiving for disaster recovery and to comply with legal data retention requirements. Here is a list of recent MDM options to consider for your company:
- MDM Considerations
- AirWatch by VMware
- Amtel MDM
- BlackBerry BES10
- CA Technologies MDM
- Citrix XenMobile
- Dell EMM
- Good Technology MDM
- IBM MaaS360 MDM
- McAfee EMM
- Microsoft Enterprise Mobility Suite (EMS)
- MobileIron EMM
- SAP Afaria MDM
- SOTI MobiControl MDM
- Symantec Mobile Management
IT Staff Training
Finally, to rid your organization of the BYOD nightmare once and for all, you need to ensure that your policies and controls are sufficiently communicated and understood by all employees. IT can start by assessing employees’ knowledge of their devices, and the platforms and operating systems that run on those devices. It also should be ascertained whether users know if security can be activated on their devices, the level of troubleshooting they are able to do on their own, and if they have access to mobile apps that can provide secure data access.
Once the users’ level of knowledge is discovered, then the customized user training can commence. This training can be implemented via lunch-and-learns or staff meetings. IT may consider bringing a couple devices to play around with or utilize a test environment especially if MDM software is available for implementation and use. As updates to policies occur, they should continue to be communicated via email, posted on the office’s community bulletin board, and posted on the company intranet, if available.
By implementing a clearly defined written BYOD mobility policy, utilizing Mobile Device Management software, and by training your users on corporate BYOD standards, IT’s BYOD nightmare environment can turn into a mobile management dream come true.Tags: BYOD, IT Infrastructure