The BYOD Problem

March 31, 2017 / G C Network / Comments Off

Twitter Feed

Could Budget Sweeps Fix Your Cybersecurity Problem?

By G C Network | July 19, 2018

A recent roundtable discussion in Washington, DC with Federal IT and Cyber leaders focused on the business drivers, challenges and evolving strategies around cybersecurity in government. After an opening presentation…

Cloud Migration Part 1: An Overview

By G C Network | July 17, 2018

Cloud Migration Part One: An Overview Business is all about efficiency and effectiveness. In today’s world, however, those twin goals almost always lead to cloud migration. This anecdotal observation…

A Personal Technology for Good Redux: Call for Code

By G C Network | July 12, 2018

In 2013 I had the opportunity to manage a $2M demonstration of how cloud computing could be used to support natural disasters. In that NCOIC Geospatial Community Cloud (GCC) demonstration,…

A Path to Hybrid Cloud

By G C Network | May 31, 2018

Cloud computing is now an operational reality across every industry. Organizations that fail to leverage this economic, operational and technology consumption model are merely consigning themselves to irrelevance. The rapid…

Human-Led Collaboration with Machines

By G C Network | May 29, 2018

When charged with managing large and complex efforts, an overarching project management task is risk assessment. It involves documenting the current situation, comparing it to the past, and understanding the…

Sensomorphic

By G C Network | May 28, 2018

240 million results are returned in 1.06 seconds (as of May 28, 2018) when you search for cloud computing in a Google search. With that much information available, and that many…

Artificial Intelligence and the Project Manager

By G C Network | May 25, 2018

Organizations use teams to create wealth, market share, customer service, competitive advantage, and organizational success. Effective teams accomplish their assigned end goals by engaging in collaboration as a joint learning…

Building A Collaborative Team

By G C Network | May 18, 2018

Recently, Harvard Business Review cited some insightful research into team behavior at 15 multinational companies. It found that although these teams tended to be large, virtual, diverse, and composed of…

Welcome the New Project Manager!

By G C Network | May 18, 2018

According to CIO.com, the six traits of highly effective project managers are: Be a strategic business partner who can offer higher-level strategic leadership skills, not just technical management skills, provide…

« Previous
1
…
3
4
5
6
7
…
73
Next »

Everyone wants their device of choice right there next to them 24/7. To an employer, however, that smart device is nothing more than a dagger posed to rip apart every shred of corporate security. This reality of modern business was highlighted by the Information Security Community on LinkedIn through their 2016 Spotlight Report on “Bring Your Own Device” (BYOD). The key trends influencing enterprise BYOD and mobile security line up as follows:

Increased employee mobility (63%), satisfaction (56%) and productivity (55%) dominate as the top drivers of BYOD. These employee related drivers are considered more important than reduced costs (47%).
Security (39%) and employee privacy (12%) are the biggest inhibitors of BYOD adoption.
20% of surveyed organizations have suffered a mobile security breach, primarily driven by malware and malicious WiFi.
Security threats to BYOD impose heavy burdens on organizations’ IT resources (35%) and help desk workloads (27%).
Despite increasing mobile security threats, data breaches and new regulations, only 30% of organizations are increasing security budgets for BYOD in the next 12 months and 37% have no plans to change their security budgets.

These trends clearly highlight the need for enhanced data and application security in enterprise mobility and cloud computing. They also reinforce the burden of securing data, applications, and devices that is being placed on the employer. Looking solely from the employer’s point of view, the report also summarized the mobility security concerns as follows:

72% – Data leakage/loss
56% – Unauthorized access to company data and systems
54% – Downloading of unsafe apps or content
52% – Malware
50% – Lost or stolen devices
49% – Vulnerability exploitation
48% – Lack of control on endpoint security
39% – Infrequent software updates
38% – Compliance

These findings indicate that enterprise mobility is a very dangerous threat vector that can be ruinous to any business. Unmanaged or ungoverned use of devices can lead to loss of customers, loss of sales, and costly legal and financial fines. This truth led IBM to offer the following Ten Rules for BYOD:

1. Create your policy before procuring technology: To effectively use mobile device management (MDM) technology for employee owned devices Policy must precede technology. Also note that these policies will have broad corporate-wide implications for IT, HR, legal, and security.

2. Find the devices that are accessing corporate resources: Companies must completely understand the current landscape of mobile device usage. Doing this will require using a tool that can communicate continuously with your network environment and detect all connected devices connected.

3. BYOD Enrollment for employees should be simple: Complexity tends to breed non-compliance. To address this issue, the BYOD program should use technology that allows for a simple, low touch way for users to enroll. The process should also concurrently configure the newly enrolled device.

4. Configure your devices over-the-air: To optimize efficiency for both IT and business users, devices should be configured over-the-air. Policies to restrict access to certain applications should also be in-place.

5. Help your users help themselves: A robust self-service platform that lets users perform the following functions should be made available:

· PIN and password resets

· Geo-locate a lost device from a web portal

· Remote wiping of sensitive corporate data

6. Keep personal information private: A well-crafted BYOD program keeps personal employee data away from others. Communicate the privacy policy to employees and make it clear what data cannot collect from their mobile devices

7. Keep personal information separate from corporate data: Corporate apps, documents, and other materials must be protected if the employee decides to leave the organization. Personal email, apps, and photos, however, should be left untouched.

8. Manage data usage: The organization should be able to track in network and roaming data usage on devices, generating warnings should a user goes over their data usage or stipend limit.

9. Continually monitor devices for noncompliance: Devices should be continuously monitored for certain scenarios, and automated policies should be in place. A few common issues are:

· “Jailbreaking” or “rooting” a phone

· Use of unapproved applications (like Angry Birds) that don’t rise to the level that requires an automatic wipe of the device

· Providing a simple way to be alerted when a new OS is ready for installation and making it a self-service function.

10. Enjoy the return on investment (ROI) from BYOD: Although BYOD shifts responsibility for purchasing devices to employees, it’s worth considering the big picture and long-term costs for your organization.

BYOD is now a corporate fact of life. If your environment includes traditional desktops and mobile devices, your organization may also need to consider working with a partner that has the specialized IT skills to migrate, integrate and maintain all types of IT network endpoints. IBM Mobile Virtualization Services should be considered as that partner in order to ease mobile user and application migration issues. Available services include: