BYOD: 4 Trust & Security Issues You Need to Address Right Now
With BYOD (Bring Your Own Device) becoming more common in the workplace, the issues surrounding them are becoming more necessary to address. With a device outside of the control of your IT department, security becomes an issue and trusting the technical know-how of your employees is put to the test.
Here are some of the top 4 BYOD trust and security issues that you need to deal with when allowing employees to bring their own devices to work:
Issue #1 – Security
Obviously, security is one of the top concerns when dealing with BYOD. There is always the fear of a device being hacked or stolen. Fortunately, there is location-based tracking and remote disablement software available to help counter these threats, but at what costs? How will using these counter-measures affect not only the company, but the employee?
To help balance good security with good employee-employer relations, a clear BYOD policy should outline to users exactly what security threats are out there and how a company’s counter-measures may affect the user’s daily life, as well as their device.
Issue #2 – Tech Support
While tech support is appreciated (and even expected) by employees to help solve their technical problems, there arises a trust issue when tech support deals with BYOD.
An employee’s device is their own and may contain personal data. Trust is placed with tech support to solve the problem, but how can you keep them from violating an employee’s privacy and snooping through their personal data?
In reality, there is nothing you can do; at least from the standpoint of ensuring your tech support is morally and professionally responsible with another employee’s private data. But there are options out there to help alleviate the trust issues and risk of employees getting nosy.
One such suggestion is to create a separate workspace on the phone. The work and personal portions of the phone are separate from each other and data is encrypted. This way, tech support only has access to the work portion.
Issue #3 – Proper Device Use
Allowing employees to bring a personal device to work is a big gamble because it greatly increases the opportunities for them to goof off and use their devices for non-work related functions (e.g. playing games and using social media).
However, there are ways to counter this. The two most common solutions are geo-fencing and blacklisting.
Geo-fencing involves restricting those within a network from using certain apps. For example, you might create a geo-fence around the entire office network and that does not allow employees to access the Facebook network, thereby stopping their app from doing so.
Blacklisting is more devices specific. It involves restricting a device from installing and running apps that are part of a list, hence a “blacklist”.
Issue #4 -Oversight
BYOD clearly defines the device as “your device”, but in the event of something like a lawsuit, you may need to give up your device (and all the data inside of it) for evidence or forensic analysis.
This can create some serious trust issues between the employer and employee.
The only real way to deal with this sort of trust issue is to be upfront about it. Create a very transparent policy and be clear about how employee data is tracked and how the data will be handled in the event of a lawsuit.
* * *
This article, by Keith Lai, originally appeared on the Altura Blog, and is reprinted with permission.