Get to Know BYOD Mobile Computing Security
Using your own device in the office is now a widely accepted practice, but are you keeping the network protected?
Most of us understand the premise behind BYOB. It's a party thing. But what about BYOD?
Here's a hint: It has nothing to do with booze and everything to do with all the personal mobile devices your small workforce is bringing into the office. Shorthand for “bring your own devices,” the term is fast becoming standard for discussions about security policies and consumer technology.
Those are discussions worth having, too. Because office workers use their devices to access multiple networks when they’re off the clock, they could be introducing security threats to your workplace. Here are some ways to make sure your company data is safe, even in a BYOD environment.
Develop a Mobile Security Disaster Plan
In a recent study from router firm Juniper Networks, device users had a wide array of opinions about security responsibility. Some thought the service provider should be held accountable for security, while others pointed to the device manufacturer or software security provider.
Take a moment to ask yourself: If a security issue crops up in an employee-owned device, who would be held responsible? Create a disaster plan that includes tech-support numbers and other contacts so you can get the situation resolved quickly.
Write Up a Mobile Security Policy
Even in a small office with just a few employees, a well-stated security policy can be crucial for clarifying BYOD rules.
These policies usually state that all data on the device must be encrypted, applications that would compromise network security can’t be installed and devices must be configured with strong and frequently changed passwords. Security requirements might include:
- Company permission to remotely wipe the device if it’s lost or stolen, or if the employee leaves the company
- Audits of the device to make sure it’s in compliance with security protocols
- Bans on specific applications that have been known to contain security risks
- Prohibition of corporate data storage on the device, or access to cloud services where company data resides
- Clearly communicate to employees that they are prohibited from storing their passwords and login IDs on their mobile devices. As we know from experience, the biggest security threat to a small business is often hiding in people’s pockets.
Segment the Network
Some companies boost protection by splitting up the enterprise network and creating an access area that’s only for devices. This limits employees’ chances of putting the company network at risk because they stay out of areas with sensitive data. The tactic works especially well if the user only needs Internet access and doesn’t have to tap into company information.
If employees do need to dive into business data or applications, you can set up a virtual private network that operates within the BYOD network space. This strategy is handy for reducing the chance of introducing viruses to the network as well.
For a handy infographic of current virus threats and definitions, check out our expert insights on the topic.
If your workplace is becoming a BYOD environment, take the time to employ these simple tactics. It’ll be well worth the effort to lock down and prevent data thieves from getting into your network (for additional security policy advice, read our article on defining small-business security policy).