1. Sales & Marketing
  2. Finances
  3. Your Team
  4. Technology
  5. Social Media
  6. Security
Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.
Grow Your Business Security

5 Ways to Simplify Your BYOD Security Policy

5 Ways to Simplify Your BYOD Security Policy
Credit: Twin Design / Shutterstock.com

If you're holding out hope that the trend of your employees using their own mobile devices at work will run its course soon, you could be waiting awhile.

Despite the security concerns BYOD presents, more and more businesses are offering their employees the chance to access work materials via their own laptops, smartphones and tablets.

PJ Gupta, CEO of mobile security solutions firm Amtel, said there is no doubt BYOD is here to stay.

"Instead of fighting this practice, smart companies are cautiously embracing it for the sake of gains in productivity, flexibility and employee satisfaction," Gupta said. "Companies need to implement well-thought-out mobile device security and BYOD policies that do not get in the way of the pace of work but also do not compromise information security."

To help small businesses, Gupta offers five tips for simplifying the BYOD security process.

  • Protect enterprise data and apps: The primary goal of BYOD management in the workplace is to safeguard data and applications, while allowing the organization to benefit from its flexibility and efficiency gains. To achieve this, security policies and mechanisms must be put in place for company data access from personal devices. Tight control on who has the privileges to run what enterprise apps from what device helps minimize the risk of data loss or corruption. To protect sensitive information, time window and location-based fencing can be enforced for access control.
  • Secure the device: When an employee is walking around with an access point to your crown jewels, such as intellectual property and confidential information, precautions are needed to thwart unauthorized access, malicious attacks or inadvertent disclosure due to device loss or theft. In order to provide the protection needed, businesses should make sure they have the ability to lock down the corporate data on mobile devices via multi-factor authentication, access control, containerization, as well as be able to track and remotely lock and wipe work containers on the device.
  • Ensure personal privacy: Earn the trust of your employees by implementing a privacy policy that only allows for the monitoring of the work material on personal devices. Personal communications, contacts, apps and data should be out of bounds for any monitoring application. Limit location tracking to the boundaries of the work location, except in the case when a device is lost or stolen. Avoid rigid policies in "blacklisting" and blocking apps on the device. Allow apps to run on the device while securing the workspace using geo-fencing controls. Also, ensure that personal device content is not wiped without employee permission.
  • Thorough enterprise mobility management solutions: A cloud-based enterprise mobility management solution (EMM) makes user self-enrollment easy via a link provided by centralized push, email or text. To protect against malware or virus attacks, security policies should ensure that devices are running approved operating systems with all the up-to-date security patches included. The EMM solution selected should also have the ability to detect and quarantine infected or compromised devices for a broad range of iOS and Android devices, including jail-broken iPhones and rooted Android devices.
  • Monitor and take action: Real-time monitoring of data access and audit trails helps contain the risks associated with BYOD. Alerts and notifications to the user and administrator upon security policy violations should be automatic. Analytics on usage patterns and logs relating to enterprise data access and business-related communications can reveal threats and potential security breaches that can be addressed in quick, decisive action, preventing data breaches.

Originally published on Business News Daily.

Chad Brooks

Chad Brooks is a Chicago-based writer who has nearly 15 years' experience in the media business. A graduate of Indiana University, he spent nearly a decade as a staff reporter for the Daily Herald in suburban Chicago, covering a wide array of topics including, local and state government, crime, the legal system and education. Following his years at the newspaper Chad worked in public relations, helping promote small businesses throughout the U.S. Follow him on Twitter.