The more people use devices in their personal lives, the more they’ll want to use those devices at (and for) work. To companies—startups especially—this looks increasingly like a good way to cut down on their device budgets. So the Bring Your Own Device (BYOD) trend in workplace IT is not going anywhere anytime soon. And neither are the security issues it presents.
For security distributors, understanding how enterprises are managing their employees’ use of personal devices for work purposes and balancing internal security with convenience are crucial to knowing the market. So here are three things you should know about BYOD and the emerging paradigm for keeping the model cybersecure:
A Good Policy Is the Best Policy
It’s difficult to control how people use their personal computers or devices outside of the office. But employees have been revealing themselves to be more amenable to reasonable restrictions, such as employer-imposed usage guidelines, for instance, requiring that they or IT installs effective malware protection as a condition of using a personal device as a BYOD device or agreeing not to visit particular websites, install certain apps, or engage in other risky computing behaviors on that particular device.
There is an element of end-user education involved as well. No one wants to get malware on his or her laptops or smartphone. So giving employees a baseline cybersecurity awareness doesn’t just keep networks using BYOD devices safe—it’s something for which they might very well be personally grateful.
BYOD Platforms Can Protect Privacy, Even from Internal IT Snooping
One of the things that keeps employees from accepting limitations on their device usage and the installation of BYOD monitoring solutions on their devices is that they fear that the IT department might be digging too deep into their smartphones and laptops, reading their personal email, and monitoring their personal Web traffic rather than sticking to monitoring software that’s used solely for work.
Security distributors should take note that there are BYOD platforms that can mitigate this concern by limiting what IT can look at on devices that it manages through the platform. If an employee knows that this type of feature is available and trusts that it’s being used, he or she will be more likely to accept the BYOD restrictions and less likely to try to use unapproved devices that put network security at risk.
New Models for Device Usage Offer New Approaches to BYOD Security
If having users bring in their own devices seems too difficult to manage—if the employees just aren’t going to line up to have malware scanners and monitoring tools installed on their machines, or if there is too much turnover to make it feasible—there are other models emerging that set up enterprises to let their employees make use of personal or semi-personal devices in certain ways without opening up their networks to all of the potential security concerns of BYOD.
A CYOD (Choose Your Own Device) model allows users to choose from a list of approved devices and either purchase them themselves or get a stipend from their employer for them. This prevents employees from using devices that won’t work with the network’s security platform or pose other security risks due to their age or lack of standardization.
With a COPE (Company-Owned, Personally Enabled) model, companies buy devices specifically for employees to use as their own. Doing so, they ensure the quality, compatibility, and security upkeep of the devices as well as being able to dictate usage more authoritatively.
For security distributors, each of these models provides room for selling different devices and the different types of solutions required to secure and manage their usage within an enterprise.
How have you seen companies setting BYOD policies to ensure cybersecurity?