Bringing your own device to work has become standard policy in the U.S. business world, and its ascendance has been accompanied by the emergence of new security concerns. Seventy-two percent of U.S. organizations across five major industries now support BYOD, with the highest adoption rate in the financial services industry. But despite security concerns and industry regulations, fewer than 60 percent of financial organizations follow such basic BYOD security measures as using encryption and maintaining remote data wiping capability. These types of security oversights can have serious consequences, including data breaches.
If your company supports BYOD, having an effective security policy is crucial for protecting your company against a security breach. Here are four keys to implementing a secure BYOD policy for your business.
Keep Devices Secure
Over one in four business data breaches since 2006 can be traced to lost or stolen mobile devices. Addressing this vulnerability by taking steps to protect employee devices is a cornerstone of an effective BYOD security policy.
The most important step to secure employee devices is to require workers to adopt strong login security measures. Using a passcode or password provides basic protection. For stronger security, employ biometric identity verification such as fingerprint scans or face recognition. Biometric security depends on the security of the input methods and sensors used to verify information. Encourage your employees to use devices with robust security, such as smartphones that use mobile processors like Qualcomm Snapdragon, which comes with Qualcomm’s Haven security suite to ensure that only smartphone owners and other authorized individuals can access device data.
As a contingency in case a device gets stolen or lost, and for situations where an employee leaves the company with data stored on their device, it’s important to maintain the capability to remotely lock and wipe workers’ devices. This can be done through a mobile device management (MDM) app such as Android’s Find My Device or Apple’s Find My iPhone. There are several other mobile device management solutions with advanced features geared toward business users, such as enterprise wipe, which enables employers to delete company data without affecting personal data on the employee’s phone.
Protect Company Data
Unprotected data is another vulnerability that should be addressed. One of the best defenses for safeguarding data is encryption, which encodes data so that unauthorized users can’t access it without the key. Encryption on iPhone devices is activated automatically by setting up a PIN or password. On Androids, an option to activate encryption is available under security settings.
Another strategy for protecting data is containerization, which segregates company data from personal data so that it can be encrypted or wiped remotely without affecting personal information stored on employee phones. You can deploy containerization by using a mobile content management (MCM) app such as the BlackBerry Dynamics container.
Connect through Secure Networks
Another potential point of vulnerability is the connection employees use to access your network. Using an insecure network such as a public Wi-Fi network can allow hackers to intercept your data. You can reduce this risk by requiring that employees connect through a secure network such as a virtual private network or private Wi-Fi network.
For additional security, you can use an app that allows you to set up individual security profiles for employees that limit access. Cisco’s Identity Services Engine allows you to set up profiles based on a device, user type, user location and time of access.
Only Allow Approved Apps
Insecure mobile apps are another security vulnerability your BYOD policy should address. Employees can expose your network to malware by downloading apps from unsecured sites or by using devices that have been jailbroken.
You can deter this by restricting use of unauthorized apps or jailbroken devices. An effective way to make sure only authorized apps are used is to employ a mobile application management (MAM) system that defines which apps can be used on your company’s network. You can set up a customized app store for your company with Citrix XenMobile and require your employees to use approved apps downloaded from your store.
Securing devices, data, networks and apps will go a long way toward addressing BYOD-related security issues. To implement these guidelines effectively, it’s important to make sure your staff is trained to follow these procedures. Build these BYOD security measures into your standard operating procedures and employee training in order to ensure that your employees’ devices stay secure.