As we've discussed previously, Bring-Your-Own-Device policies bring plenty of benefits to a workplace... but they also bring new burdens and responsibilities for your workforce. Beyond the technical aspects, a successful BYOD implementation requires a well-trained workforce that understands the technology and how they're expected to use it.
The issue here is that BYOD is so so broad that there aren't really "rules" for its usage that are widely-adopted. Largely, every company's policies will be different, and set up according to their own business use.
However, some apps and other features are not acceptable in any environment, for various reasons. Today, we're going to discuss a few of these and why your workers will need to have their usage restricted.
BYOD Implementation Lesson #3:Apps You Should NOT Allow On Your Network
1 - Anything "jailbroken."
The exact process varies from device to device, but every major smartphone OS can be "hacked" by programs designed to subvert its security settings. This allows the user to install custom apps not approved by the official app stores, or even illegal uses such as software piracy.
While there are legitimate reasons for an everyday user to jailbreak their device, this is simply not acceptable on a business network. A device with subverted security simply cannot be fully trusted, and should not be used in until its factory OS is restored.
2 - Dropbox or other public cloud services.
If your workers are storing any work documents on public cloud servers, like Dropbox, this needs to end immediately. You have no control over Dropbox's security, and no way of verifying your workers are using strong passwords. No work documents should ever be stored on a server you don't control.
One exception: Because of its widespread use in business, Google is generally trusted. However, if you're using Google's cloud offerings we strongly advise signing up for Google's professional services. Don't allow workers to simply use their private accounts.
3 - Skype / VoIP Services
If you have a Unified Communications system - which is a backbone for most BYOD implementations - it completely defeats the purpose if you allow your workers to make private VoIP or videoconferencing calls. It's also terribly insecure.
All business communications must go through your servers, no exceptions. Skype is only for personal use.
4 - Social Media
You may want to use Mobile Device Management systems on the server side to simply block access to social media functions, or only allow their usage on the "guest" network. However, this will be an individual judgment call.
While there are plenty of good uses for social media in business, they also offer big security issues - especially with the recent announcement that Facebook will be literally listening in on microphone-enabled devices.
We really don't enjoy saying Facebook should be banned, but again: It is now trying to listen to its users' background life. In our view, that's an unacceptable security risk, despite Facebook's claims to be encoding anything overheard.
Otherwise, business-related social media should be restricted to your marketing department and employees whose work relies on it, such as your sales staff.
App Security Is A Balancing Act
When crafting BYOD policies, there's a careful balance that needs to be struck: Protecting the most important security holes, without overly inconveniencing your workforce. For example, while it was tempting to put "Any Games" on the list above, the reality is, you'd never convince your workforce to delete all the games on their smartphones. They'd just ignore such rules, or hide games inside subfolders.
Your policies should, ideally, restrict their work usage while inconveniencing them as little as possible in their home lives. However, some accommodations will be necessary in any case.
Overwhelmed by BYOD?
It's a new technology, and a new way of doing business. Hummingbird stays on top of new productivity tools, and we're here to answer any questions you may have!