BYOD: With so many device options, how is security handled?
Embracing a work environment in which employees are able or even encouraged to do company business on their personal phones, tablets, and PCs can improve an organization’s agility and productivity. However, doing so incurs several well-documented risks, not least of which are security breaches.
Still, the workforce is increasingly mobile. (In a recent report, Hampshire, UK-based Juniper Research predicts that the number of employee owned smartphones and tablets used for business will more than double by 2014.) For many organizations, bring-your-own-device (BYOD) is no longer a trend — it’s becoming a necessity. So how does a company go about protecting its all-important data assets without stifling employee accessibility in a work-from-anywhere world?
Policy development is, of course, a critical step toward increased security. And as SearchCloudComputing.com’s Michelle Boisvert notes, the cloud can also help IT departments overcome what she calls “the BYOD-security conundrum.” Boisvert says that’s partly because cloud computing can change the way IT departments deal with security concerns. Additionally, a well-managed cloud service can provide additional layers of data protection suited to a particular business’ needs.
[See Compliance Do’s and Don’ts: What Your Cloud Provider Needs to Show You]
These days, it’s best for businesses to build BYOD policies right into their cloud strategy. Speaking with InfoWorld’s Galen Gruman, Weston Morris says that in order to target their specific security needs, IT staffs must first work to understand what it is they are trying to protect, and then craft policies accordingly. Morris, an architecture lead at Unisys’s Global Managed Services group, warns against applying too narrow a focus when coming up with a security plan. “The chances are that many such existing policies have gotten too specific in terms of the implementation, leading to a narrow protection approach that doesn’t evolve with new technologies,” he tells Gruman.
Of course, for businesses that must adhere to specific compliance requirements, decision makers ought to be sure their companies’ clouds are covered. According to a recent survey by Frost & Sullivan, conducted on behalf of the (ISC)2 Foundation, 66 percent of information security managers polled said that most companies “need to get more of a grip on how compliance requirements are being affected with the prevalence of BYOD,” Computer Weekly reports.
To ensure that their company’s security needs are met in an increasingly cloud-centric and BYOD business environment, decision makers ought to ensure compliance protocols are built into their service providers’ agreements.
[See The Cost of Being Secure: Cloud Adoption Roadblock?]
Overall, with employee agility, productivity, and satisfaction at potential odds with security, decision makers ought to think critically about how cloud can help make BYOD a beneficial change.
By Jake Gardner