For many organizations, the big sticking point when it comes to BYOD (“bring your own device”) is security. Today's threat landscape is fraught with danger, and there are times when it seems there's a major new corporate data breach hitting the news every week. Enterprises concerned with compliance and security may be unwilling to give up the sense of control they get from issuing company-owned devices for employees to use. But this sense of control is often a false sense of security. As you discuss BYOD with your customers, let them know that BYOD can actually provide more security than traditional device policies.
The reason BYOD can be more secure is quite simple. BYOD is going to happen, whether corporations are on board with it or not. Employees may use their corporate-issued devices for a few tasks, but it's safe to say that employees are also using their own devices while on the company network. Let's take a look at two examples of how this might be happening, the risks that such examples bring, and why enacting an official BYOD policy reduces those risks.
Personal devices for personal use
In an enterprise following a traditional device policy centered on corporate-issued smartphones and laptops, the idea is for workers to use their corporate devices for work and their personal devices for personal use. In practice, however, even following this rule can open the enterprise up to malware and cyberattacks. As long as the personal device—whether it's a smartphone, tablet, laptop, or wearable—connects to the corporate network, it can infect the network or other connected devices with whatever viruses and malware it carries. A well-developed BYOD policy reduces this risk by drawing even employees' personal devices under the umbrella of IT control. In a BYOD environment, tools can be put in place in order to ensure that every device that connects to the network is validated and in compliance with corporate security policies.
Personal devices for business use
Of course, it's highly unlikely that an employee will never use his or her personal device for business purposes. The capabilities of corporate-issued smartphones are often a generation or more behind the latest consumer technology, and information workers tend to seek out best-performing, user-friendly ways to do their job. Those ways often involve personal smartphones, tablets, and laptops. The rise of cloud computing further enables employees to use personal devices for business use, since in many cases, cloud-hosted corporate resources can be accessed from multiple devices. And when employees use personal devices for business purposes, they can put corporate data at risk. A BYOD policy reduces this risk by giving IT a measure of control and visibility into employees' use of personal devices for work. Sandboxing technologies that segregate corporation applications and data and apply greater levels of security to the enterprise side, and DLP solutions that prevent the inappropriate sharing of business information, are just two of the ways that the enterprise can maintain data security and IT control in a BYOD environment.
These days, just about every information worker carries a personally owned smartphone or tablet, and chances are, just about every information worker uses a personally owned device for work at some point. Denying this reality opens organizations up to more BYOD security vulnerabilities than a clear and well-executed policy would.
Are you ready to pitch BYOD to your customers? If you need more information, speak to an Ingram Micro Networking and Security specialist today.