BYOD…. Are your company and IT infrastructure ready?


by Mike Chapman | 12.20.2012
Categories: Blog

In the evolution of IT management, the bring your own device (BYOD) movement has been one of the largest game changers in recent history. Almost everyone now has some kind of personal device they bring to work and expect access to their work environment. Personal smartphones, tablets and laptops have been slowly creeping into the corporate networks blurring the lines between personal and work life. Many employers see this as the future of business computing, but it raises some significant IT issues that must be addressed to maintain secure, protected networks while enabling employee’s access to internal applications and resources. The balance is a delicate one, especially in industries that are required to maintain a certain level of security for compliance purposes.

The majority of devices IT departments are encountering are an influx of iOS and Android run smartphones and tablets as well as products from Microsoft, Blackberry and other vendors. The primary use of these personal devices in the workplace is to access company email, which could contain company/customer information and therefore the ability to control the personal device to protect the customer data and other sensitive information becomes a necessity. You must ask yourselves, will you allow employees to connect their personal devices to the company resources. What are the possible positives and negatives? What additional IT resources will we need to manage and secure these personal devices? What applications are my employees installing and how can I protect the device from a breach? A mobile device management (MDM) solution can be used to manage BYOD and internal users can be required to meet security requirements set by the company’s MDM solution.

A mobile device management solution normally is software that secures, monitors and supports mobile devices deployed across multiple operators, service providers and enterprises. MDM solutions do not need to be limited to BYOD devices, but can also be company-owned devices. A strong MDM solution can reduce support costs and business risks and optimize the functionality and security of the mobile devices accessing your network. Some basic features of MDM are standard in Microsoft Exchange 2007 and above including:

  • Pin enforcement and timeout locking
  • Remote wipe/lock functionality
If you have greater security needs then you will have to look into 3rd party mobile device management vendors. Some of the advanced features that are included in most 3rd party MDM solutions include:

  • Asset inventory – allows the bank to ensure all applications installed on devices meet defined usage policies.
  • GPS tracking – can find where a device is based on global positioning
  • Application Deployment and management
  • Device Encryption
Now that your company has decided to allow BYOD into your office the next step the IT department needs to take is to develop a comprehensive BYOD policy that outlines what is and is not allowed to be done while linked to the company network. For smart phones and tablets you must outline/ restrict the types of applications that are installed on the devices to ensure the safety of your networks and customer information. Here are links to a couple BYOD Policy examples:

Also with the BYOD policy you should identify whether utilizing a mobile device management software solution is required to meet your security policies. BYOD can be a great way to empower your employees to work the way they want, but you must perform due diligence and lay the ground work to have a successful BYOD implementation. If everyone understands what is expected and required for them to utilize their own devices while accessing company resources, then you eliminate potential issues of allowing BYOD within your infrastructure. Predefining the tools, policies and procedures necessary is imperative to introducing a successful and secure BYOD strategy without anxiety.