It has become the norm for business professionals to be available outside of the traditional work hours – and the mobile device is the logical tool to access emails and business apps such as CRM, document storage and time/expense tracking.
An increasing number of companies are allowing employees to utilize personal mobile devices in the workplace to connect to corporate email, file servers and databases. With the growth in mobile workforces, this “Bring Your Own Device” (BYOD) offers tremendous benefits to employees and businesses.
The concept behind BYOD is to increase efficiencies and productivity while allowing businesses to save on the costs associated with the purchase of high-priced devices. High achieving employees are constantly exploring new innovations to increase their productivity and BYOD removes the corporate directives that can be perceived as obstacles to improving their work lives.
This seemingly win-win scenario can open up businesses to a multitude of security and privacy concerns that force questions such as:
- How can a business protect confidential data and client information if an employee loses their device or leaves the company?
- What happens if a virus infects an employee’s smartphone and spreads it to the company network?
- To what degree can a company monitor the personal information on the devices of their employees?
According to Pricewaterhouse Coopers’ 2013 Global State of Information Security survey, less than half of the C-suite executives surveyed have instituted a security strategy to address personal devices in the workplace, despite the fact that 88% of employees use a mobile device for both personal and work purposes.
It is incumbent upon businesses to understand the potential risks and adapt policies to protect intellectual property as well as comply with privacy laws. Logical first steps include engaging IT and Human Resources representatives to assist with planning and identifying sensitive business information and critical business assets that require encryption and security layers, or possibly eliminate accessibility to mobile devices.
Security protocols that are available include: Network Admission Control (NAC) appliances to allow mobile devices to be properly registered on a network, scanned for properly patched software and other minimum requirements that must be achieved before allowing access to more secure parts of the network; and virtual desktops or virtual applications to allow mobile devices to access files remotely without the data being stored on the local device. This approach also helps reduce the cost of desktop computers where thin client computing can also leverage the virtual desktop infrastructure. A considerable amount of network engineering stands behind these successful implementations, but the rewards are many.
PlanNet can help businesses navigate the intricacies of building secure data infrastructure and processes that help protect corporate data on mobile devices. These solutions can include next generation firewalls that go beyond applications and credentials permissions, but can also inspect data up through the application stack (deep packet inspection) to locate malware signatures or make sure that company policies for the transmission of certain types of data are being followed.
Instituting strong security policies and practices will minimize risks to businesses and employees and allow all parties to benefit from the BYOD practice.