Basics of BYOD for SMB: What You Need to Know!
by Bridget.Giacinto, on Sep 17, 2014 10:33:54 AM
In case you haven’t heard all of the hoopla about BYOD, it stands for bring your own device, also known as bring your own technology (BYOT), bring your own phone (BYOP) and bring your own PC (BYOPC). BYOD has been a hot topic for enterprises for some time, but as acceptance continues to grow, small and medium sized businesses (SMB) are starting to realize the benefits and implications of allowing employees to use their personal devices to check their email and network files on the go.
According to David Willis, analyst and Gartner VM, "BYOD strategies are the most radical change to the economics and the culture of client computing in business in decades."
BYOD offers a significant opportunity to mobilize the SMB workforce, increase employee productivity and saving costs. Analysts are predicting that this trend will continue to rise. The reality is, companies need to embrace this growing trend and put a plan in place to protect themselves from the inherent risks associated with allowing employees to use their personal mobile devices (smart phones, tablets, and laptops) to access network data.
BYOD is Changing How Businesses View Technology
This growing trend towards consumerization of IT, represents a radical shift in how employees use technology in the workplace. Consumerization is driven by employees that are embracing technologies for use in their homes that are simply not made available to them in the workplace, often times due to budget constraints. The whole BYOD phenomenon stems from the users' desire to use the devices they rely on in their personal life for business. This spill over from the consumer world to the business world is resulting in a technological transformation where we are seeing advances spring up on the consumer side before they ever reach the IT world, resulting in even more widespread embracement of BYOD for SMB and for enterprise.
The reality is, even if companies do not have an established BYOD policy in place, employees will continue to use their personal devices for work-related activities. To protect your business, it may behoove you to establish a company-wide BYOD policy. This will allow you to set standards for data protection and data security based on your business requirements. Any activity that a user performs that requires access to your SMB network from their personal mobile devices represents a potential threat to the security of your network data.
According to Forester research, 43% of SMB companies are supporting more mobile devices as a key initiative and Gartner is predicting that BYOD adoption will reach 90% this year.
At a Summit in 2013 Gartner predicted that, “by 2014, 90 percent of organizations will support corporate applications on a variety of personal devices, from conventional laptop PCs, media tablets and mobile phones to hybrid or other kinds of devices that have yet to be made widely available."
So what can companies do to protect themselves?
Creating a BYOD Policy for your SMB
There are a lot of great resources available that offer templates and guidance on how to set up a BYOD Policy for your business. While not all companies needs will be the same, these resources can be used as a base-line from which to create your own BYOD policy.
- The TechRepublic cites a few BYOD example templates in their post on how to create BYOD policy best practices from templates.
- VMware consultant TJ Vatsa offers insight on the Do’s and Don’ts of BYOD in his post on how to set up a BYOD/mobility policy.
Here are a few of the basic elements of BYOD for SMB policy creation:
- Anti-virus and security application requirements
- Allowable apps
- Setting up locked screens (devices protected with a locked screen)
- What kind of data is accessible (email, files, applications, intranet, calendar)
- What type of access is permissible (LAN, VPN, Public Networks)
- What kinds of devices are okay to use (tablets, smart phones, laptops)
- What the password complexity policies are (8 character min. with mix of alpha and numeric)
- What the protocol is for lost or stolen devices (the device is able to be remotely wiped)
- How to securely backup data that is created and saved locally on users personal machines
Securing BYOD Mobile Devices
Even Google is getting in on the BYOD bandwagon. In May of 2014, Google acquired Divide, a startup company offering technology which allows smart phone users (Android and iPhone) the ability to combine work and personal life in a single mobile device by delivering secure, encrypted workspaces for users to safely connect to business networks. Divide has the ability to protect companies against unauthorized access, malware, and data leakage so employees can go about their business and IT professionals can rest easy knowing their network data is not vulnerable.
Protecting Business Data Created on Personal Devices
Since data is often created on personal laptops and tablets, it important to discuss how, as an SMB business you can protect that data (i.e. documents, spreadsheets, presentations, videos, etc.). The security and protection of the data created and saved locally on personal devices is another piece of the BYOD infrastructure that needs to be discussed. It's time to start thinking about what technology you want to have in place to ensure that the business data created on these devices would be recoverable should the laptop be lost, stolen, or infected with a virus. If the data is not securely backed up on a regular basis, that data is susceptible to loss.
One option you may want to consider is using a backup software that can be managed remotely and encrypted to ensure the security of that data. NovaBACKUP is one such option. When this backup software is installed on the employee’s laptop it can be remotely managed using the NovaBACKUP Central Management Console (CMC), a web-based solution that is designed to manage multiple installations of NovaBACKUP clients in a LAN or through the Internet.
The beauty of this solution is in its simplicity. Users would just need to set up a specific drive or folder where work files were saved on their personal machine, and then the management console could easily be set up to securely backup just those files. The client license (installed on the laptop) automatically checks in with the CMC management system allowing the communication to remain intact (as long as there is Internet access available) and the administrator would have the ability to remotely manage, monitor and schedule backup jobs or recover files on the fly to that device. All backups can be set up with military-grade encryption, so files can be securely backed up, even when users are connect to the Internet via unsecure public networks.