As mobile devices grow more powerful and cloud computing more ubiquitous, a growing number of information workers are putting their work in their pockets and taking it home at the end of the day—often so that they can continue working long after they've left the office or before they've even begun their commute the next day. Workforce mobility is a boon to productivity, of course, and worker engagement typically improves as well in BYOD environments. But with mobility and BYOD come new security challenges. Here are three examples of BYOD security strategies that really work:
1. Employee training
The biggest vulnerability in any corporate security strategy is the workforce itself. Without the proper training, many employees will be unaware of basic security best practices or regulatory requirements. VARs with the resources to offer employee training sessions to their BYOD customers can help them boost security by teaching workers about:
- The importance of strong passwords and of different passwords for different applications and services
- Safe social media use and how to spot a phishing scam or other social engineering
- Safe Web browsing and virus and malware avoidance
Such training can make the difference between a data breach or compliance violation caused by a careless mistake, and corporate data protected by security-savvy employees.
2. Enterprise application and data sandboxing
One of the greatest challenges of adopting BYOD lies in maintaining corporate control over corporate content and data, while respecting employees' privacy with respect to the personal applications and data that reside on the same devices. A number of Mobile Device Management (MDM) and Enterprise Mobility Management (EMM) solutions now make balancing corporate control and personal privacy easier by sandboxing enterprise applications and spinning up data containers on employee-owned devices. Within the corporate sandbox and/or containers, applications and data are protected by enterprise-grade security with granular monitoring and visibility for IT and security administrators. Outside the sandbox or container, however, the employee can use the device as normal, without fear of IT snooping.
3. Gated clouds
Cloud computing is already a great enabler of BYOD. The ability of both public and private clouds to store and deliver data and applications remotely to just about any device, on any network, and at any location allows employees to access their work anywhere they go and anytime it's needed. Storing data in a secure enterprise cloud instead of on employee devices also reduces the risk of data loss or exposure in the event of employee carelessness or device loss or theft. Cloud computing raises its own security issues, however, most notably around access and authentication. To combat that, enterprises are turning to cloud access security brokers (CASBs), which function as a secure gateway between the end-user and the enterprise cloud application. CASBs provide an additional layer of security through enhanced authentication requirements. Some also deliver additional data protection through on-the-fly encryption and other data masking technologies.
BYOD looks like it's here to stay. The cost savings and productivity benefits are simply too significant for many organizations to ignore. But jumping blindly into BYOD is as ill-advised as refusing to acknowledge its value altogether. As your customers consider transitioning from a corporate-controlled device environment to one populated by employees' personal devices, guide them toward the security strategies most likely to keep their data, applications, and computing infrastructure safe from outside threats.
Do your customers need a little help before they can feel comfortable moving to a BYOD policy? Speak to one of Ingram Micro’s Networking and Security specialists today to get the resources that can help you make the case for BYOD.