It’s pretty clear that there’s no turning back the bandwagon for Bring Your Own Device (BYOD). Customers have tasted what it’s like to have anywhere, anytime access. Now they demand the simplicity of checking email on their phone, using cloud services to save and share information, and logging in to work from anywhere. But while BYOD brings satisfaction to customers’ employees and increases work productivity for enterprises, it also opens up their network to security risks.
For IT Departments, BYOD brings a host of security and compliance implications. Unlike their employees, your customers’ IT departments are less enthusiastic about embracing BYOD because it lessens control of their network’s safety systems. Now they have to be concerned with not only external hackers, but also internal hackers. With users embracing BYOD, they may be unknowingly revealing —via the Internet or public cloud – all of a company’s sales records, confidential files, or internal spreadsheets, etc. in an unprotected and insecure way when they use their own devices or cloud services for work.
So the question is, what can be done to keep customer satisfaction and productivity high, while still protecting enterprise security and keeping IT happy?
Rather than simply rejecting the notion of cross-cloud data integration, i.e. the constant sharing of data across many clouds and devices that comes with BYOD workflow, or simply accepting that BYOD leaves the enterprise’s network security open to a hacker free-for-all, below are several tips to help your customers implement safer BYOD practices to keep both them and IT satisfied and safe.
- Define levels of access: Each employee in the company is important, but some have a greater need to access sensitive data than others. One security measure that adds a layer of protection for sensitive data is for IT to define the level of access that employees have and to assure that access levels are maintained whether employees are working behind or beyond the corporate firewall depending on their role and device they are using.
- Help IT work with employees, so they’re both happy: Too often IT is placing strict compliance BYOD guidelines on employees without letting them know or even addressing it. Instead, before an enterprise or IT rolls out a BYOD program, IT should work with employees on how they are using these devices and service to establish a clear policy that will work for them and not interrupt their workflow. For example, IT and employees should work together to define the level of access mentioned above and should outline what kind of information can be stored on personal devices, which software and applications can be used over which networks, what kinds of security should be in place to keep the company network safe, and also what the consequences are if these policies are violated.
- Education: It’s important for IT to educate employees on the cloud services and mobile devices they are using and some of the security implications that infractions could bring to the entire company. It must be clear that customers – at every level – need to take responsibility for their information and understand what they are doing. You would not cross a busy highway without looking and expect not to have issues. The same is true of BYOD and cloud. Look at what you are doing, where you are doing it, and take necessary precautions.
- Provide Proper BYOD Protection Tools: We have already established that customers will not stop using BYOD services, so it’s important for IT not to fight them, rather provide them with the correct software tools to enable the BYOD security to work. For example, one trend that is becoming popular within BYOD security protection is encryption at the file level and giving customers control of the encryption keys. Encrypting documents at the file level adds an extra layer of security, so even when a document is in transit, it still stays protected.
As long as there are employees involved, it will be difficult for IT to reduce or enforce BYOD policies. Employees can be forgetful, lazy, feel that rules do not apply to them, or simply just not understand any of the security consequences that come with BYOD. Therefore, it’s critical for IT to work with transparent tools that enable workers to perform and have access to the services and tools they like, but with all the measures in place to create a secure environment. Your SAP customers are looking for convenient solutions to streamline their workflow, but that doesn’t mean they should have to sacrifice security. These tips can help them create better BYOD policies.