Right now, there may be no more contentious issue in business WiFi and networking than the "problem" of Bring-Your-Own-Device.
According to a recent global study by Kaspersky, three-fourths of businesses surveyed described BYOD as a "growing threat" to their businesses. Yet, at the same time, according to other studies, nearly two-thirds of businesses plan on supporting this. And in the meantime, at least two-thirds of workers (likely much higher) are using their mobile devices at work, regardless of stated company policies.
While differences in sampling can account for some of this, it still seems clear that BYOD is here, it's big, and a lot of companies don't seem to know what to do about it.
On top of that, Gartner's experts are predicting that one in five policies will fail specifically because they're too restrictive. That is to say, the burdens being imposed by some companies either intrude too deeply into the worker's personal usage, or else call for unrealistic security measures that will simply go ignored.
So, when an estimated 1 in 3 smartphone owners don't even bother with a passcode, how can a business find Bring Your Own Device policies that are realistic, secure, and won't simply be ignored?
Maintaining the Highest Level of BYOD Security, Despite Your Users
1 - Require (Short) Lock Codes
Addressing the biggest single problem first, there is just no reason to allow workers with unsecured mobile devices onto your network. A written policy requiring a lock screen with at least the OS-minimum number of characters is absolutely reasonable, and should cause little trouble.
However, don't go overboard. Remember that users are having to punch these codes in every time they use their device or answer a call, so trying to require complex multi-case or alphanumeric passcodes will almost certainly fail.
2 - Implement A Unified File System
In these days of virtualized networks and distributed file-sharing, it's absolutely vital you use a unified file system that allows for global user and group-access policies. Companies that keep their files on multiple independent servers, each with individual security settings, are playing with fire.
Today's virtualized file systems can ensure that every user has the proper permissions to (not) access any content, regardless of where it is in your network. A well-maintained and properly restricted set of server-side data access policies will do more to prevent unauthorized file access than virtually any other method you could implement.
3 - Block Public Cloud-Sharing Systems
Plenty of mobile users have accounts with Dropbox or other personal file archival systems, and they'll upload business data to these systems without much thought. Unfortunately, these systems are often fairly insecure, and they take your files into systems where YOU have no control over them.
So if your employees are using services like Dropbox as productivity tools, it's laudable, but a dangerous practice. Consider establishing a protected shared space where your workers can store their files, while still being within your own security zone.
4 - Establish Separate "Public" Internet Access
One of the better reasons to embrace BYOD is its effect on your guests and clients. Virtually anyone who visits your workplace is going expect to be able to check their mail. But why should they be allowed onto your main network?
It's cheap and easy to set up Guest-level WiFi access points that can also be utilized by workers who simply need to do research online. By keeping these users on a separate network, you'll be keeping them all away from areas they shouldn't be.
The Balancing Act
Right now, the "right" solution for balancing BYOD openness vs security is going to vary from business to business. Our best advice is to survey your employees, look at how they're using mobile devices, and find policies that work within that use.
Or, considering downloading one of our free eBooks for more advice!