Without any doubt, your employees are already bringing all sorts of devices to work and many of them use these devices (mobile phones, tablets, laptops etc.) to carry out tasks related to their job. This phenomenon has developed its own term: BYOD, or Bring Your Own Device, but apart from all the benefits of BYOD, which range from increased productivity, to cost savings and overall convenience, there are also a few risks associated with this practice.
Malware, viruses, unsecured or jailbroken devices and a lack of control put corporate data, intellectual property, and client information at risk. This is where a BYOD policy becomes essential to any business. If your employees want to use their device on your network they need to abide by a few rules so you can make sure your information stays secure.
First off, devices need to be protected by screen lock passwords and should be regularly updated with the latest OS and patches. Next, it is important not to allow jailbroken or rooted devices as these might be compromised, meaning they are increasingly exposed to security vulnerabilities, malware and hacks which wouldn’t normally be found on secured devices.
To enforce security policy make sure that devices are enrolled into a corporate mobile security management suite that only allows access to corporate assets after the device is enrolled and vetted by security policies. Another benefit of a management suites is the option to ask for re-authentication thus ensuring the user is genuine. These management suites also have the capability of wiping data from devices in case it falls into the wrong hands. Remember that there are a variety of devices available, produced by many manufacturers and management suites might not support everything. Make sure that only those devices within the support matrix are allowed.
Next, it is wise to invest in corporate apps that hold company data separate from that of the user. All company data should also be encrypted, especially if offline access in available. Having said that, it is a good idea to prevent offline access altogether when sensitive data is concerned, and only allow access through the corporate network. You can also require all connections, whether via the application or device, to go through a VPN so you know all communications with the corporate network are secure.
A BYOD policy is an essential part of your security strategy. It is very important to secure your data but your users’ devices are a key component of the strategy because once they are connected to your network they become part of it. Solutions like GFI LanGuard bring security vulnerability assessment capabilities for BYOD devices including mobile phones and tablets. With GFI LanGuard you can scan popular devices without the need of an agent and keep a detailed inventory of devices connected complete with known security issues and available updates. Android, iOS and Windows Phone together with all major mobile platforms are supported.
Get your free, fully functional 30-day GFI LanGuard trial complete with GFI technical support today and start better protecting your network, your users and your customers.
Melanie is Digital Content Specialist/Editor at GFI Software. An eager blogger, fiery tweeter, and avid reader, Melanie is a self-confessed geek who finds solace in online FPS games.