Our last blog examined the trend known as Bring Your Own Device, or BYOD. Essentially, this is where a worker can use their own, personal smartphone in which to conduct their everyday job functions.
There are certain benefits, especially to the small business, in the way of cost reductions. However, there are inherent downsides to it as well, especially from a Security standpoint.
In this post, we examine numerous ways in which, you, the business owner, can mitigate the risks of BYOD:
1) Create and deploy an active Mobile Device Management Plan (MDM):
The exact specifics of an MDM plan were covered in a previous blog. However, as it relates to BYOD, creating such a plan will give you a greater method of control over the wireless technologies that your workers use.
In order to add in an extra layer of protection, you should insist that whenever they conduct work related matters on their personal smartphone, they must also use an encrypted protocol when they communicate with the corporate servers.
Of course, then it will be your responsibility as the business owner to provide such services to your workers, as the likelihood of them doing it themselves is very low.
2) Make mobile device usage a top item in your Security Plan and enforce it:
One of the key mantras for business owners, large or small, is that they must have a Security Plan in place, and be extremely proactive about enforcing it.
A Security Policy covers all aspects of how to protect your business, and the steps that must be followed in achieving this goal. Very often, however, mobile device usage is left out of it, or if it is included, it’s not enforced. Make sure to do both.
Also, don’t overlook this one key aspect…
Make sure that you have language in your Security Policy that states that even when a worker uses their personal smartphone to access and retrieve corporate information and data, they’ll still be responsible for any non-compliance with the established Security Policies set forth.
This can be a fine line to establish, so in this regard, it’s best to consult with an experienced legal counsel on how to draft and create this specific lingo.
3) Make use of the Cloud:
Another way to reduce the security risks of BYOD is to use the cloud.
For example, for those workers that use their smartphones to do their work, you can give them their own private area in the cloud where they can access the needed files. That way, you’re not exposing your entire IT infrastructure to any possible cyber-attacks.
Also, many cloud platforms allow for what is known as “auto-synchronization.” This simply means that when a worker updates their work files in their private area of the cloud, these same files will also be updated automatically onto your main production server(s).
4) Train your workers:
It is important to train your workers as to how malware and rogue mobile applications can be easily and covertly installed onto their BYOD device.
It’s also equally important to train them into how to effectively use the security features you want them to use, such as logging into the corporate network over an encrypted communications line.
Also, teach them how to use Two Factor Authentication, and the importance of creating unique passwords, and changing them on a timetable set forth in your Security Policies
Want to know more about you can reduce the risks of BYOD in your business? Contact us for more information!