Simplify BYOD – Five Tips


The primary goal of BYOD management in the enterprise is to safeguard data and applications while allowing the organization the flexibility and efficiency gains. To achieve this, security policies and mechanisms must be put in place for enterprise data access from personal devices.

1. First things first – protect enterprise data and apps

Tight control on who has the privileges to run what enterprise apps from what device helps minimize the risk of data loss or corruption. To protect sensitive information, time window and location based fencing can be enforced for access control.

2. Secure the device

When an employee is walking around with an access point to your crown jewels such as intellectual property and confidential information, precautions are in order to thwart unauthorized access, malicious attacks or inadvertent disclosure due to device loss or theft. Locking down the corporate data on device via multi-factor authentication, access control, containerization and capabilities to track and remotely lock and wipe containers on the device provides the gatekeeper protection you need.

3. Ensure personal privacy

Earn the trust of your employees by implementing privacy policy that’ll only allow monitoring of the work container on the personal device. Personal communications, contacts, apps and data should be out of bounds for any monitoring application. Limit location tracking to the boundaries of the work location, except in the case when a device is lost or stolen.  Avoid rigid policies in “blacklisting” and blocking apps on the device. Allow apps to run on the device while securing the workspace using geo-fencing controls. Also, ensure that personal device content is not wiped without employee permission.

4. Automate enrollment policies

Simplify BYOD enrollment by using employee credentials for authentication and configuration settings for enterprise access, including the use of VPN and secure HTTPS sessions. A cloud based enterprise mobility management solution makes user self-enrollment easy via link provided by centralized push, email or text. To protect against malware or virus attacks, security policy should ensure that devices are running approved OS version with all the security patches included. An EMM solution also brings the capabilities to detect and quarantine infected or compromised devices for a broad range of iOS and Android devices, including jail broken iPhones and rooted Android devices. Enforcing security policies for end point protection on BYOD devices is a critical first step for securing corporate access.

5. Monitor and take action

Real-time monitoring of data access and audit trails help contain the risks associated with BYOD access to enterprise data. Alerts and notifications to the user and admin upon security policy violations should be automatic and corrective actions must be pursued. Analytics on usage patterns and logs relating to enterprise data access and business related communications can reveal threats and potential security breaches that can be addressed pro-actively, preventing breach or loss.