5 Ways To Mitigate Security Risks Of BYOD

BYOD

There is no denying that BYOD (Bring Your Own Device) is an unstoppable force. In fact Gartner predicts that 90 percent of organisations will support corporate applications of some sort on personal devices by 2014.

Many of the popular mobile devices are built on relatively nascent, consumer-focused platforms that don’t provide the underlying management controls that Enterprise IT organisations are used to. So as more and more employees use their personal iPhone, iPad or Android for work, IT has less and less control of whom and what is accessing its network.

But there are things that IT organisations can do to keep data secure, maintain access policies and ensure service quality.

1. Remote wipe and lock

Due to the nature of mobile devices, many device management solutions are focused on securing the device if it is lost or stolen. Requiring users to install remote wiping software on their personaldevice before using it for work allows IT to lock down data should the device go missing. As the new mobile platforms evolve, so too should the ability to separate business andpersonal data on the devices, which will allow IT to remove company-relateddata without eliminating personal information.

2. Geo location tracking

There are a lot of debates around the privacy concerns of GPS tracking, but location capabilities inherent in mobile devices can be invaluable in the case of loss or theft. Some Mobile Device Management (MDM) solutions allow IT to send an alarm to the device to help identify the location for a user, and if truly lost, IT can then leverage the wipe and lock technology mentioned above.

3. Network authentication, authorisation, accounting

IT organisations should adopt a solution that allows them to tie devices connecting to the network with each user’s identity and role, and then apply role-based policies to grant proper access privileges. Thisenables IT to differentiate access for different levels of employees or guests, or even by device type. It also lets IT take a proactive stance on tracking and monitoring how mobile devices are being used within their network.

4. Secure remote support

Not surprisingly, employees often rely on personal devices to conduct work while out of the office. Having a secure way to support and fix these devices from a remote location is imperative to maintain employee satisfaction. Depending upon device type, remote support solutions allow help desks to configure devices, chat, transfer files, and even remotely see and control the device. It’s important to select a solution that supports a wide variety of devices and keeps all access and activity logs behind the company’s firewall to ensure security.

5. Acceptable use policy

BYOD may seem like IT’s burden to bear, but employees are also responsible for keeping company information secure. One option is to require employees requesting to access the network via a personal device to sign an Acceptable Use Agreement (AUA). The agreement may include conditions, such as installing a device certificate or the remote wipe software mentioned above. It may also state that devices can be seized if necessary for a legal matter. At the end of the day, it ensures that maintaining securitywhen using personal devices is a shared responsibilitybetween both the user and IT.

Troy Harrison is responsible for overseeing the planning and implementation of Bomgar's Remote Support product. He joined Bomgar in early March 2008 and brings over 15 years of experience in software development. Before joining Bomgar, Troy helped to found a successful medical software company providing real-time clinical data to physicians through Internet and mobile devices. He holds a Bachelor's degree in Computer Science from Tennessee Technological University.