As mobile devices continue to offer an effective collaboration and productivity tool in the office, the rise in the adoption of ‘bring your own device’ (BYOD) in the enterprise sector is expected to continue. In fact, it has been predicted that 50% of employers will start requiring employees to supply their own mobile device for work purposes by next year.
"We're finally reaching the point where IT officially recognizes what has always been going on: People use their business device for non-work purposes," said David Willis, VP and distinguished analyst at Gartner.
However, security remains the main reason why many businesses continue to disapprove of the usage of mobile devices for work purposes. Since smartphones and tablets have been linked to multiple cyber threats and crimes, companies are hesitant to deploy BYOD in the office. So, how do most companies effectively run their BYOD scheme? Read on below to find out some data security tips for enterprises that allows the usage of mobile devices at work.
Control data access
Businesses must have full control of whatever corporate data is being accessed by employees on their mobile devices. An effective BYOD scheme must satisfy productivity and the need for accessibility while keeping the company’s data secure. There should be a Mobile Device Management (MDM) system, which allows organizations to control the data that can be accessed by apps and devices, and a Mobile Application Management (MAM) that ensures data security and integrity for the whole BYOD environment to stay protected and controlled. These two systems control password, data encryption, network, app access and settings among other things. Organizations must also set up a secure virtual private network (VPN) and protection policies when it comes to emails.
Use a single and secure OS
It makes things easier to manage BYOD when you are only looking at a single platform to control. If employees are using different systems, the IT department will have to work on separate security codes for each OS. The adoption rate will be quicker if everybody in the office is using a single platform. Some operating systems have cutting-edge privacy and security features that help businesses in keeping their company files and data safe. In particular, the iOS 10, which O2 mentioned to be pre-built into the new iPhone 7 using “differential privacy.” According to privacy researcher Aaron Roth, Apple is minimizing the chances of identifying specific individuals through their search queries online through privacy techniques, such as hashing, noise injection, and subsampling.
Similarly, Google has also worked on offering a more secure mobile OS for enterprises on their Android N version with its improved encryption that secures the entire device’s storage. With these new mobile OS developments, it makes it easier for businesses to apply the BYOD scheme effectively.
Set a clear usage policy
The most important security tip is to build a well-defined and clear usage policy. Employees must know their responsibilities and limitations when accessing company data on their mobile devices, including the consequences in case of misuse. End-users must also know beforehand the responsible way of backing up their data as well as keeping their mobile devices safe from cyber and physical threats. Consider the following factors when establishing a BYOD policy:
• Specify the devices that are permitted
• Establish a stringent security policy
• Define a clear service policy for devices
• Clarify who owns what apps and data
• Decide which apps are allowed and banned
To prevent a data breach, companies must apply a secure authentication process, such as the Two-factor authentication or 2FA. It should be required for all kinds of corporate data access to ensure that only employees with the specific security information can view the website or app’s content. Similarly, most premium mobile devices also have a two-way secure process to limit the access of the gadget to the owner by requiring the user to type in the password after passing through the biometric authentication process. Apple has maximized 2FA in their mobile devices, where users will have to prove they are the owner of the smartphone by scanning their registered fingerprint then typing the required password. While 2FA isn’t particularly new as CNET states credit card companies have been using the process for a long time, many still continue to avoid using the process as it’s not very easy to set up and use.