Mobile Data Protection (BYOD)
The first and best defense in securing BYODs begins with the same requirements you apply to devices that are already on your network. These security measures include enforcing strong passcodes on all devices, antivirus protection and data loss prevention (DLP), full-disk encryption for disk, removable media and cloud storage, mobile device management (MDM) to wipe sensitive data when devices are lost or stolen, and application control.
You should always extend encryption to both data in transit and data at rest. Protecting your devices with strong passwords means you make it incredibly difficult for someone to break in and steal data. But if somehow your device-level password is compromised, encrypting the data stored on the device provides a second level of security a hacker must get through in order to steal your data.
You should encourage users to think of the extra layers of security as helpful tools that give them the ability to use their own devices within the workplace. By password protecting devices, a user acknowledges accountability and responsibility for protecting their data.
In addition to applying passcodes and antivirus prevention to your devices, you should apply a custom level of application control to BYODs. If applications are available to employees on the internal network, they should be able to access them offsite through a VPN or email software.
A successful BYOD program allows your users to be productive outside of their scheduled work hours while also giving them the flexibility to do the things they like to do when they’re not working—like update their status or enjoy playing an interactive game.
Whatever decision you make for your BYOD policy, be sure that it’s enforceable and enables IT to deploy software remotely.
Suppliers Mobile Data Protection (BYOD)
Vendors Mobile Data Protection (BYOD)
F.A.Q about Mobile Data Protection (BYOD)
How can I control apps on BYOD devices?
The best way IT can control apps on BYOD devices is to have an acceptable use policy in place. Since BYOD adoption has picked up, IT pros have less control over the apps employees use. A policy that lays out expectations and consequences for users can improve the success of your BYOD initiative. Mobile device management (MDM) systems also offer application controls through their blacklisting and whitelisting features. In addition, those with auto-quarantine or remote wipe capabilities also help in the event that a user installs non-compliant apps on his or her device.
How can my organization create a BYOD policy?
Every organization’s BYOD policy is a little different because policies are most effective when they’re organization-specific. The most important thing you can do is create a policy as soon as you decide to allow users to bring their own devices to work. The basic points of good BYOD programs address the same things: how users should protect devices, what they can and can’t access and what will happen if and when they leave the company.
A strong BYOD policy should also consider device selection, reimbursement, MDM, device security and mobile application security. Also think about how you’ll enforce BYOD policy once it’s in place.
What mobile app delivery options does my department have?
There are four good mobile app delivery approaches, but each has pitfalls.
Enterprise app stores give IT licensing and compliance control and let users download pre-approved mobile applications, but they require a lot of maintenance and resources. Web apps are compatible with different devices and don’t need a distribution system, but without an Internet connection, they aren’t practical. Cloud file-sharing services are good for app delivery since most employees are already familiar with services such as Dropbox. If you chose the cloud option, you’ll have to use or develop cloud-based mobile apps or pay for cloud storage services. And mobile desktop virtualization lets users connect to a PC environment and stores all sensitive data on servers instead of devices. But for desktop virtualization on mobile devices to work, users need a reasonably large screen and a reliable Internet connection.