Are the devices that you use for your personal issues (laptop, smartphone, tablet) also a working tool used in your business? Have you ever stopped to think what that may mean? The use of personal devices in the corporate environment is what is known as BYOD (Bring Your Own Device). However, it should be noted that the BYOD introduces risks that must be treated with care.
These risks are derived by loss of control over management of these devices by the company. Employees as owners of the devices, have the ability to fully configure their devices, unlike corporate devices that are configured by the IT department with appropriate security measures.
To ensure safety in the use of BYOD, the company must define a policy that addresses the requirements to be met for personal devices that can be used as tools for work. Among the requirements that are necessary for the safe use of BYOD devices, one should take into account the following aspects.
Organizational / Regulatory:
Define rules for the use of BYOD devices that employees must accept.
Establish the process to follow and deliver / remove the information when the employee leaves the company.
Limit the use of unknown networks.
Limit installing applications on devices (as in the case of applications for mobile and tablets, you can provide permission to third parties who jeopardize the safety of devices).
Technical organization:
Establish measures to control access to the corporate network through the device.
Provide some manageability to the company on these terminals.
Technicians on the devices:
Implement a policy of strong passwords on these devices.
Enable encryption of the information contained in the devices.
Having a properly configured and updated antivirus.
Establish mechanisms to update both the operating system and the applications related to security.
Prevent automatically saving user credentials associated with the corporate tools from the device.
Regardless of the security measures to be applied, the decision of using a personal device as a tool for the employee’s is their own. In this case the employee must invoke the rules marked by the company. However, the company must employ measures that are proportional and not abusive, since in the end the device is owned by the employee.
The use of personal devices in the workplace, is a new context for the enterprise, providing certain advantages and risks exposing others. We must be aware of these risks and the steps we must take to make safe use of BYOD. You can find more information about it in this interesting Dell infographic.
