Getting smart about smartphones (and other mobile devices)

According to a Cisco study, ninety percent of workers in the USA are now using their own devices for work purposes.

Think about that for a moment. Based on current employment figures, that is more than 110 million people taking advantage of BYOD. While the scale in terms of people is far smaller here in Australia, we are typically quick to adopt technologies.

Most workers here use their own devices to some extent. The challenge is how to harness BYOD and treat it as an opportunity. Research by Vodafone shows that almost all (90%) of IT managers believe that mobile devices are equal endpoints that should be secured and managed on a par with desktops and laptops. This opens up an interesting situation, not just from a technology perspective but also in terms of legal and human resource arrangements.

Certainly, there are some excellent tools emerging to support security in the BYOD era, but like with anything in IT, the tools have to be used effectively. For many organisations, this means a notable rethink in security strategy. One of the biggest challenges for IT leaders currently is how to allow sufficient freedom to capitalise on the opportunity that BYOD brings, while still safeguarding information systems.

This shift occurs at a time that risks are changing. The image of online threats as individual youngsters, who spend too much time on their computer and not enough outdoors, is outdated. Sure, those threats are still out there, but today’s cyber baddies come more in the form of organised crime. Many of our customers are wisely opting to schedule regular independent security audits that include an examination of where they can firm up their defences. That is essential good practice in the BYOD era.

When we perform a security audit, we strongly recommend that businesses evaluate a number of legal and HR issues that go beyond the IT department. Some of the questions that should be asked include:

Can we remotely wipe data from a missing device, when that device does not belong to us but some of the data does? The answer may seem simple until you consider that the employee may have photographs of their newborn child, or their recent holiday, on their phone.

Can we separate an employee’s personal data from company information? And what is our responsibility if their own personal data is backed up on our systems?

Who has ultimate responsibility if the device contracts a virus?

How do we prevent unauthorised people (spouses, house-mates, families) from accessing corporate information on a device?

Do we need to change employee agreements to accommodate their BYOD responsibilities?

A good technology partner can provide some of the answers, but should also always suggest you seek legal advice as part of your BYOD strategy.

For more about BYOD and security that doesn’t constrict your productivity, contact the friendly Meridian IT experts.