Not too long ago, many organisations were dismissing the bring your own device (BYOD) phenomenon as being of no consequence.
However, nowadays they realise that BYOD can have serious implications for the business, and are putting policies in place and implementing technologies to manage it.
Jayson O’Reilly, director of Sales and Innovation at DRS, says that those businesses who are doing it properly, acknowledge that a successful BYOD strategy is dependent on co-operation between technical and employees, and are working with their staff to decide what works most effectively for all involved, and are integrating BYOD into the company’s general security strategy.
He says mobile security is evolving and maturing and there are several effective tools to help to keep mobile data safe.
Users prefer to use their personal devices for their communications needs, and do not want to be inconvenienced by having to carry a secondary, work device. For this reason, containerisation is well suited to BYOD, because it separates and ‘contains’ business and personal assets in the device.
The technical department will create and manage containers in each device that give controlled access to mails, apps, files and suchlike. These containers will be policy enforced and encrypted for maximum security. “Should the device be lost or stolen, technical can wipe the business containers with no impact to the personal ones,” O’Reilly explains.
Moreover, communications with the sensitive or business containers can be conducted over private channels that encrypt and authenticate each and every connection. In this way, VPNs are no longer a necessity to ensure secure communications. “This ensures the network is protected against infected devices, attacks and malicious software, because only the secure containers can connect to the company’s network.”
“By separating business assets from private assets, devices are kept personal, and can be used for non-work related tasks. Staff needs only carry their device of choice, and can still enjoy secure, enterprise access.”
Similarly, mobile device management (MDM) solutions can allow IT to secure and manage mobile devices across multiple operating systems, enabling secure business communications, automatic device configuration, certificate-based security, and selective wipe of enterprise data for both business and private devices.
“A good MDM solution creates a clear separation between personal and business data on the devices. Should the employee leave the organisation, or should the device be stolen or misplaced, the technical department can again wipe all the business information off the device. IT staff also have the ability to apply granular controls, which can be based on parameters they choose, including the type of device, who owns it, and what the employee’s role in the company is.”
O’Reilly says tools such as containerisation and MDM help IT address the challenges that go hand in hand with BYOD, and ensures that end users aren’t inconvenienced by having to carry additional devices. “As long as the business educates its employees as to the reasons behind the tools, and how they are being used to protect them, the result will be a secure mobile workforce.”