BYOD (Bring Your Own Device)

Top Tips: 5 BYOD lessons every business needs to know

22-04-2015-5-byod-lessons-every-business-needs-to-knowSimon Leak is Principal Security Product Manager for Vodafone, a world leading total communications services provider and Forrester recognised BYOD market leader. Simon designs and packages mobile security based professional services, including software development and device management, overseeing every stage from product design development through to management and lifecycle.   

Simon shares his experience: best practices for implementing a BYOD policy.

One year from now digital natives will, for the first time, be the dominant demographic in the workforce. Technophobia simply isn’t a word in this generation’s dictionary; by the time they start working they have already clocked up years of technical experience within an education system where personal devices and school-owned IT and cloud storage solutions are simply tools to get the job done better, faster and more effectively.

They don’t just want to bring their own devices into work they instinctively want to use them to do their work because that is their way of life. That could mean logging into a time-billing system over the weekend to record the week’s hours, or making final tweaks to a presentation in the taxi on the way to a pitch. The ability to work flexibly on the mobile device they choose, with their preferred mobile operating system and on apps they are comfortable using could determine whether they work with a company or not.

But despite the ever-growing need for Bring Your Own Device (BYOD), businesses are still burying their heads in the sand. A recent study by CompTIA, the ICT trade association, found that half of British companies do not allow employees to use any of their own devices at work, because of “a lack of resources” and “a failure to balance the needs of employees and those of the IT department”.

As CompTIA’s study shows, many businesses fear the potential strain that introducing a BYOD policy may bring, to both the IT team that will support the new system and to the business itself. By following the right processes, however, implementing BYOD within an organisation can be a more straightforward process.

Run a security assessment - When a tablet or smartphone is lost, stolen or hacked, data across the entire enterprise can be put at risk. Smart mobile security starts with a proactive evaluation of risks to put the right policies in place. The key is for businesses to assess and identify security risks, vulnerabilities and anticipated threat types before implementing a BYOD system. The business needs to assess current mobility security risks while also understanding how they may change with, for example, the introduction of a new mobility solution. It should also ascertain its current risk position and assess the level of risk it is prepared to accept as an organisation and across different user groups. By asking the right questions to begin with, businesses can then put the right control mechanisms in place.

Choose the right provider - Choose a total communications services provider, rather than try and manage a mix of different suppliers for different services. A total communications provider will provide the wired, wireless and cloud communications needs that the people, organisations and increasingly things within business need to stay confidently connected. It will provide these with a managed service wrap and 24/7 support giving the business greater peace of mind. And it will provide these all through one contract, with consistent Service Level Agreements to create a more simplified and easily manageable communications framework for the business.

Ensure that the right IT infrastructure is in place - The IT team should be able to audit corporate content on devices and keep applications up to date remotely without the need for people to bring them in. They should be able to install new applications and remove unwanted corporate programs, configure email accounts and secure devices with local password protection and data encryption along with establishing a secure virtual private network on each device every time it connects to a network.  And they should be able to bring together appropriate security controls in a consolidated way to integrate with enterprise infrastructure, messaging, collaboration servers, VPN, WLAN, Certificate Authority and application servers.

Educate your workforce - Employees often aren’t aware of the severity of risks associated with BYOD. As such, they need to be educated on best practice for securing their devices, the need to secure cloud stored data and the importance of backing up personal data such as family photos. Employees should also be educated on the risks associated with accessing potentially unsecure public Wi-Fi networks using a corporate device or of transferring files using potentially unsecure file-sharing applications. This can be as simple as ensuring employees have password protection on their mobile devices, or training staff not to click on links or open attachments from unknown sources.

Keep an open mind - Burying your head in the sand isn’t going to stop digital natives from entering the workforce, nor is it going to stave off staff attrition, particularly for a generation where freedom and choice can be makers and breakers of loyalty. By establishing a robust BYOD strategy with clear policies and considered security measures, companies are in the best possible place to listen to the needs of employees to let those employees define the best way to make their contribution to the business.

Embrace the change and manage it

Implementing BYOD doesn’t have to mean handing over all control and responsibility to the users and it doesn’t have to lead to extra work for already stretched IT resources. With trusted advice, sensible risk and security assessments, robust infrastructure, educated employees and an open mind, BYOD can become an effective way of creating a better connected and more agile workforce.

Businesses have no real need to bury their heads. With the right software, IT managers can get secure access to employees’ smartphones and tablets, monitor use and even update security settings over the air. And BYOD can also bring extra benefits for data protection as users have usually invested their own funds into the device, they have a vested interest in keeping it safe, leading to fewer ‘left on train’ incidents.

Far from viewing this shift as a threat, businesses should be looking at modern ways of working as an opportunity to support greater productivity and pave the way for flexible working practices that boost employee satisfaction.  All that’s needed is the right strategy, technology and policies with security at the heart.


« Microsoft: We can't leave half of Europe's talent in the dark ages


Can Big Data solve the customer engagement problem for utilities? »
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail


Do you think your smartphone is making you a workaholic?