Building trust in BYOD environments – the freedom to work from any device
Discover how a non-business device doesn’t necessarily mean a compromise to your data security
A ‘bring your own device’ environment – where users are free to work on their own phones, laptops and other devices, both in the office and at home – can have many advantages. From increased productivity to boosting staff morale, BYOD is often a hit with staff – but it can make IT teams concerned about security and maintenance.
Here, we’ll take a look at why a BYOD environment might be a good thing for your business, and how you can address security concerns that might otherwise be holding you back.
Why Implement BYOD?
For many staff, being able to work on a device of their choice is a big benefit. A generation of IT-savvy workers used to buying the latest devices for themselves today has less patience for an inferior or unfamiliar work device. Having the autonomy to work on a device that they own and are comfortable with is, understandably, preferred by most staff.
Research conducted by Cisco found that BYOD can significantly boost productivity for staff – it makes people happier and more willing to work and can also save time that would otherwise be spent on training staff to use business hardware and software.
Being able to work on a personal device can increase the willingness of staff to be flexible with their working hours too. The ability to answer work emails on a personal phone, eliminating the need to carry multiple devices, has huge benefits for communication within your business while being able to use a personal laptop at home makes it much more likely that your employees can quickly complete tasks in an emergency outside of office hours.
Securing A BYOD Environment
At face value, a BYOD environment is bound to cause concern among IT teams, worried about maintaining security across tens, or even hundreds, of different device models and platforms. Traditionally, Enterprise Mobility Management (EMM) platforms have addressed these concerns using “containers” on devices to hold corporate data and applications and keep these separate from the users’ personal applications.
While this approach is valid, other features are becoming available to give IT teams a wider range of options for securing BYOD environments.
Two examples are from Microsoft’s Enterprise Mobility + Security suite. Services like Azure Information Protection (AIP) work at the data level, encrypting and protecting corporate data regardless of where it is being stored.
A cloud-based tool, AIP uses labels attached to documents, emails and other data to set access controls which can limit who has access to data and enable administrators to track the data. By moving security away from devices and onto the data itself, AIP removes some of the arguments in favour of business devices and clunky security procedures and makes a BYOD environment secure without the need for intrusive security software.
Intune Application Protection (IAP), another Microsoft feature, enable controls on corporate data at the application level, allowing the IT team to restrict the movement of data between apps on private devices without those devices being part of a mobile device management plan. IAP controls the use of save-as or cut and paste functions to duplicate files, can insist on PIN access for specific applications and can restrict which apps can access data.
This prevents corporate data from being saved in personal, unsecured, storage, or transferred to apps or devices over which your team has no control.
These are just two examples of effective solutions to the perceived risks of a BYOD environment. While employees might be happy and more productive working on their own devices, the use of a non-business device doesn’t have to mean that data security is compromised.