BYOD (Bring Your Own Device) is becoming increasingly common. Employees use smartphones and tablets to access corporate assets such as email, social media sites, network drives, cloud services and documents. This is seen to be positive as it increases employee productivity and lets people work outside of a central office environment.
However, there are a number of risks out there. Malware, viruses, theft, unsecured devices and a lack of control can put corporate data at serious risk. Without a BYOD policy in place, it is easy for someone to accidentally let important data and sensitive materials leave the confines of an organization. Make sure users follow the simple guidelines below to protect your security, and use them to draft your own BYOD policy.
Keep business and personal data separate
Provide users with a set of corporate applications that hold corporate data separately from user data. Management will be able to wipe data from devices, so this separation matters; it can be achieved through good app planning, programming and policy enforcement by a management suite.
Have encrypted corporate data
Without encrypted data, compromised devices can give up important details too easily. Encryption means that data will not be readable should it be viewed by the wrong person.
Don’t let users access data offline
If you have high levels of security for documents and applications, you do not want anyone to have the ability to download or view cached versions on local devices. Only allow access to sensitive information when users are connected to the corporate network.
Use a mobile security management suite
To enforce security policies for a device, application or document, you need to use a mobile security management suite. This should easily integrate into your corporate environment so no user’s device can access company assets without being properly vetted by security policies.
Never allow jail-broken or rooted devices to be used
If a device is jail-broken or rooted, mobile security suites consider it to be ‘security compromised’. Such devices are more at risk of security threats than secured mobile devices.
Use screen lock passwords
Don’t let users neglect implementing a screen lock password. They are simple to set up, yet provide a high level of data security. Mobile security suites can enforce this for users’ devices if you feel that employees will not do this of their own volition.
Enforce regular OS and patch updates
Users need to keep their devices updated with the latest operating systems to ensure protection against malware. Updates, from minor releases to major revisions, will often fix security vulnerabilities. They can be enforced from some mobile security management suites to ensure the highest available patch levels.
Require VPN for connectivity
Secure VPN connection enforcement should be standard practice. Device-level VPNs securely connect a device to the corporate VPN server, whereas application-level or micro VPN connectivity ensures that all application-related data transmissions are secure.
Require periodic re-authentication
Check the user is genuine with periodic re-authentication. If you don’t do this, security vulnerabilities can occur if a device is stolen or compromised in any way. You can also enforce re-authentication using management suites.
Have custom profiles for every device
There are many different manufacturers and types of devices on the market, like smartphones, tablet PCs and laptops. It is a good idea to have separate security for every supported device. If you only use generic security, there will be significant gaps and vulnerabilities on your network. An iPhone works differently to an Android device, for example, so different security measures are needed for additional protection.
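The guidelines above can be expressed as an access check that a device must pass before it reaches corporate data. The following is an added example, not code from this article or from any particular management suite; the field names, profile values and sample records are assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Hypothetical per-platform profiles: one entry per supported device type.
PROFILES = {
    "ios": {"min_os": "17.0", "max_auth_age": timedelta(hours=12)},
    "android": {"min_os": "14.0", "max_auth_age": timedelta(hours=8)},
}
# Posture flags every device must report, with the only acceptable value.
REQUIRED = {"rooted": False, "screen_lock": True, "encrypted": True, "vpn": True}

def parse_version(text):
    """'17.4' -> (17, 4, 0), so that '17' and '17.0' compare equal."""
    parts = [int(p) for p in str(text).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def evaluate(device, now):
    """Return the rules a device breaks; an empty list means allow.
    Missing or malformed attributes count as violations (fail closed)."""
    profile = PROFILES.get(device.get("platform"))
    if profile is None:
        return ["no security profile for this platform"]
    problems = [f"{field} must be {want}" for field, want in REQUIRED.items()
                if device.get(field) is not want]
    try:
        if parse_version(device["os_version"]) < parse_version(profile["min_os"]):
            problems.append("OS below required patch level")
    except (KeyError, ValueError):
        problems.append("OS version unknown")
    try:
        age = now - datetime.fromisoformat(device["last_auth"])
        if not timedelta(0) <= age <= profile["max_auth_age"]:
            problems.append("re-authentication required")
    except (KeyError, ValueError, TypeError):
        problems.append("re-authentication required")
    return problems

# Constructed sample records, shaped like a management-suite inventory export.
NOW = datetime.fromisoformat("2024-05-01T12:00:00+00:00")
GOOD = {"platform": "ios", "os_version": "17.4", "rooted": False, "screen_lock": True,
        "encrypted": True, "vpn": True, "last_auth": "2024-05-01T08:00:00+00:00"}
DEVICES = [
    dict(GOOD, id="ios-ok"),
    dict(GOOD, id="android-rooted", platform="android", os_version="13", rooted=True),
    dict(GOOD, id="ios-stale", screen_lock=None, last_auth="2024-04-30T20:00:00+00:00"),
]

if __name__ == "__main__":
    for d in DEVICES:
        print(d["id"], evaluate(d, NOW) or "ALLOW")
```

A device on a platform with no profile is refused outright, which reflects the point about generic security leaving gaps.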
In the end, you want to give your users the freedom to bring their own devices to work, but you have a commitment to your employees, shareholders and customers to maintain a secure business environment. Having a good BYOD policy in place ensures a higher level of corporate security with set guidelines for all employees to follow.