BYOD, or Bring Your Own Device, is a term that many business owners have heard bandied about. Much like other buzz phrases like “the Cloud” and “Big Data,” the Bring Your Own Device ideology has made significant inroads into today’s enterprise environment. While many savvy business owners are seizing the opportunities for increased productivity and employee-investment that a BYOD environment entails; it is important that you make an informed decision about safety and security.
In a nutshell, a Bring Your Own Device environment is as simple as it sounds—it allows employees to work using their own devices. Generally the device of choice is a smart phone, but in some environments this may include tablets or laptops. In a BYOD environment, an employee’s personal devices are allowed to interact with the corporate environment. The device might be used by the employee to check their email, view documents on network shares, print directly to office printers, or any number of collaborative services that now exist to allow employees to be both mobile, and productive. The concern for the informed employer, however, is how does allowing an employee’s personal property to interact with their network impact security?
The answer, put simply, is significantly.
Allowing an unsecured device access to your network introduces a point of exploitation where none existed previously. Should the device’s security be compromised all the information that it had access to inside of your business is now accessible to an untrusted third party.
The good news is that while a BYOD environment that is not well maintained and security conscious is a potential nightmare scenario, putting some simple safeguards in place can give you as the business owner piece of mind, your employees greater productivity, and a healthier corporate environment. Believe it or not, one of the simplest ways that you can manage your employee’s devices and how they interact with the corporate environment, is with their email.
Microsoft Exchange services allows for mobile device management. This means that if your business has its own email server or purchased a hosted cloud-based solution, your IT department can ensure that employee’s phones meet a certain security standard in order to be connected to their corporate email. This means that they can force the phone to have a password, force that password to be of a certain length, ensure that the phone has been updated to its most recent OS version, etc. Deploying this solution ensures that an employee’s device meets security standards of your choosing before being allowed to come into contact with sensitive internal information, like corporate email.
Another possible solution is to segment your network. If not configured otherwise, devices that are connected to your office Wi-Fi are connected to the exact same network that all the rest of the computers in your office are connected to. This means that, unless otherwise safeguarded against, devices connected to your office wireless have access to most, if not all, of the same information that the computers you use to do your day-to-day work have access to. Segmenting your network creates a separate connection for wireless devices that has far less access to sensitive information. Although you may never have heard the terminology before, you’ve almost certainly come into contact with a segmented network—any time you connected to a “Guest Network” you are almost certainly connected to network that has been segmented off from the more secure network the business uses to conduct its daily operations.
Allowing employees to use their own devices increases productivity and can save your company money. By implementing proper security precautions you can ensure that your business is not opened up to undue risk while facilitating an environment with greater mobility and employee buy-in. BYOD can be a true benefit to you and your employees.