Skip to content

Bring Your Own Device - Best Practices & Implications | Web Security

Posted by Ronan Kavanagh on Thu, Dec 20th, 2012

BYOD is the new buzzword doing the rounds and is something that is going to be even more prominent in 2013 as it continues to build momentum at an unprecedented rate.  BYOD quite simply refers to people that bring their own device for use at work.  As people today are becoming increasingly tech savvy and self empowered, with a typical person now owning an assortment of devices including smart phones, laptops, tablets and PCs, it was inevitable that people would start integrating the use of their devices with work related activities.  This is not surprising as many employees prefer to work with their own technology because it is familiar, powerful and already an integral part of their everyday lives. 

At a first glance this practice seems like a win-win for employees and budget concerned companies as they don’t have to shell out extra resources for equipment, set up and training.  But is it all rewards and no risk? What exactly are the advantages and disadvantages of adopting a BYOD culture in your organisation?

Benefits of BYOD

Organisations that adopt a BYOD strategy often list employee satisfaction and improved productivity as key advantages.  The rationale behind this is that people have the devices they do for a reason, those are the devices they prefer and feel comfortable using.  So much so that they have spent hard earned money buying the devices and invested time learning to operate them efficiently.  So it is only natural they would want to extend their usage with work related activities.

Another benefit stemming from bring your own device is that companies that embrace BYOD tend to save a lot of money by shifting the costs to the user, with the worker paying for most or all of the costs for the hardware and other associated expenses.

Other noted advantages include, BYOD devices tend to be more cutting edge than stock equipment at work resulting in the organisation getting the benefit of the latest features and capabilities.  Users also upgrade to the latest hardware more frequently than the painfully slow update and refresh cycles at most organisations.  You can expect to see a high influx of devices being introduced after the holidays, in work as many people will have received the new technology over Christmas.

Security Implications

The downsides are also clear, the extra strain on the IT department for one.  The IT department now has to support a wide range of devices and platforms, many of which will not meet their security policies, and they have little or no control over whichever smart phones, tablets or laptops workers are using.  If the IT department already didn’t have enough to worry about, 2013 is predicted to be the year that Android is placed firmly in the sights of cybercriminals as mediums to infect and disperse their malware, spam, Trojans and everything malicious.  This could spell disaster for IT departments as they have less control over the BYOD devices and may find it more difficult to detect any threats as many of the devices used by employees run on Android.

Best Practices

Determine which devices will be supported.Not all devices will meet the security requirements of the organization.  It may be in the best interest of the company if each device is physically inspected by a member of the IT team and make sure it hasn’t been jail broken or rooted.

Protect sensitive and personal information

Personal devices can be full of personal information, documents, and applications that are on the device for non-work purposes.  There should be a way to identify personal versus corporate owned devices, and apply a particular policy to hide the personal information from IT administrators.

Appropriate Policy

An appropriate policy must be created to tailor for different groups of users, to detail the rules, regulations and expectations to be followed.  Signing a terms of use may also be necessary. Companies should also regularly sit down with workers using their own gear and discuss what they are using and why.  Find out what apps are being used on each platform and how they are being leveraged to best get the work done.  This will also allow make people wise to the security risks they could be susceptible to.  This should be done on a public basis so the information is shared with the workforce as well as with the IT folk keeping track of it all.

There is no doubt that more companies will continue to adopt a BYOD environment in the future.  This, in turn, will demand new support processes and new skills from IT along with further realisable business & web security implications.  It could also alter the way support budgets are spent, while cost savings may not be initially be realised, over the long term the organisation may see significant operational savings if effective and efficient procedures are put in place.  This will maximise the advantages of BYOD set out above while minimising the chance of a security breach or any complications.

Related Articles

Never Miss a Blog Post

Sign-up for email updates...

Get Your 14 Day Free Trial

Talk to Our Email and DNS Security Team

Call us on US +1 813 304 2544

Contact Us