Bring Your Own Device (BYOD) is a model that is gaining popularity in modern workplaces. Due to its efficiency in reducing costs and increasing productivity, more companies are encouraging their employees to follow this model. Despite its obvious advantages, BYOD can also bring with it some security and data compatibility concerns.
Cross-Platform Risks Associated with BYOD Policy Implementation
For illustrative purposes, consider a company that relies on a Microsoft/Windows framework. The company has employees that travel frequently and give presentations in various locations. Now, add a BYOD policy to this scenario.
This means that the company’s employees have various devices, each running on different operating systems. Each of these systems may have different programs and unique security vulnerabilities. Clearly, this company is going to face serious security and data compatibility issues. Generally, the issues will present themselves in 3 ways:
1. Lack of compatibility which hinders collaboration – With different operating systems in play, the company will have to deal with common software not being compatible across multiple devices. This can also cause version issues that make employee collaboration a challenge.
2. An overwhelmed IT support department – It’s important to keep track of all the different software being used. Train your staff on how to deal with multiple systems and solving urgent compatibility issues. As a result, the company will have to increase IT support
3. Compromised security and data privacy – The company gives up control and visibility of devices. This creates a host of security threats including:
- Data loss
- Unauthorized access to company information
- Exposure to malware especially when employees use public networks
- Installation of compromising applications and content
- Loss of devices
- Reduced adherence to compliance requirements
Best Practices for Standardization Under BYOD Policy
The challenges presented by this policy make a compelling case for standardization which gives a company two alternatives:
This adds a caveat to the BYOD policy. Employees can choose their preferred devices from a set of authorized devices. This is also better known as “choose your own device” (CYOD). It limits choices to a few approved devices, making collaboration easier. In addition, security measures such as anti-malware can be applied uniformly on these devices. It effectively does away with compatibility challenges.
The company can also require that employees use a consistent set of productivity applications. This will lessen the burden on the system administrators in addition to enabling smooth collaboration between employees.
Having a predetermined set of applications allows easy sharing and use of documents. This also reduces the time required for training and enhances mobility. Cloud-based productivity tools are a great way of achieving such consolidation.
Slack, Microsoft Office 365, G Suite, Salesforce, and Box are examples of applications that allow users to access necessary information from a central location. These applications will store data at a central point, allowing users to view and change information on any device at their convenience.
Companies implementing BYOD programs should have multiple security controls that mitigate the risks. These include:
- Two-factor authentication
- Encrypting data on cloud-based software
- Device encryption to prevent unauthorized access
- Remote wipe for employees leaving the company as well as hacked, lost, or stolen devices
- Using identity management software
The benefits of BYOD far outweigh its challenges. Not only does it support employee mobility but it also increases their productivity. Considering the fact that employees will still use their devices for work-related matters regardless of your policy, BYOD is a safe bet.
In order to deal with the compatibility and security challenges presented by this model, a company will have to standardize the devices or applications used. This will enhance collaboration by narrowing down the tools that employees can use. It will also address security concerns by allowing the use of uniform security measures.