It’s cheaper that way. But it’s also more dangerous, and unless companies have strict, clear policies on the use of employee-owned devices, they potentially create security risks and IT management nightmares.
Managed service providers (MSPs) can help prevent those problems by working with customers to define and craft BYOD policies and deploy security and management tools to protect business data as it travels between the network and employee-owned devices. All it takes to create a security incident is for one distracted employee to download an app containing malware designed to steal information or cause disruption.
To ensure a successful BYOD policy, here are five best practices MSPs should help customers implement:
Explain to customers that allowing employee-owned devices to access the network doesn’t mean abdicating the employer’s right to approve the devices. Some mobile operating systems and devices are more secure than others. Research which smartphones, tablets and laptops are the best fit for your customers’ environments and work with customers on a list of approved devices to disseminate to employees.
Security is the primary concern associated with BYOD. All employee-owned devices must have the proper safeguards, including strict password policies, malware protection and wipe capability to erase all business data in the event of loss or theft. Employee-owned devices should be placed on the company’s patch management schedule to ensure the operating system and apps are kept up to date. Outdated software creates security holes.
User-owned devices contain personal information. There’s no way around that. Any employer that hates the thought of this shouldn’t allow BYOD. It is possible, however, to keep personal and business data separate through the use of containers, whereby minimizing the risk of improperly sharing business information. Typically, corporate information is isolated through encryption and authentication controls.
Deciding which apps to sanction can be tricky for employee-owned devices. Still, your customers need to understand the security and legal risks of allowing users to download any application they wish. With containerization in place, the risks are lessened but not eliminated. Advise customers to tread carefully on this matter. If they choose to ban certain apps, they should explain the reasons to users and offer insight into how the policy protects both the business and the employees.
Allowing, or requiring, employees to have their own devices raises technical support questions. Who’s responsible for maintaining and troubleshooting the devices? Presumably as an MSP, you take on that responsibility for the client, so it’s important users know that. However, you and the client still need to address sticky questions around how to deal with personal-use applications that cause performance issues or interfere with other software. Whatever the approach to these issues, make sure users understand the rules.
Managing BYOD can be a real headache for both MSPs and their customers. However, sticking to these simple guidelines can help steer you away from BYOD spelling bring your own disaster!