Setting up a Bring-Your-Own-Device (BYOD) policy for your Organization- Be Cyber-safe-SOUTECHEsang U. E
In a recent survey by Symantec, it said that about three to four small and medium-sized organization owners have adopted smartphones and tablets as a core part of achieving their teams’ success. Since the use of these devices are gradually expanding, therefore there is a need to provide an apt security for them. This is the main reason why organizations have adopted the bring-you-own-device concept an approach that is commonly referred to as BYOD.
The fact that smartphones and tablets have grown into consumer markets have made a lot of employees choose employ the Bring-Your-Own-Device concept to their places of work. So, I’ll be giving you a few tips on how to stay protected on the internet as mobile devices have become a core entity in many organizations.
Therefore, the idea of developing a sound and efficient BYOD policy that can assist in gaining a maximum productivity in your organization or your company.
These are a few things I will buttress on this point which are the necessities for every organization;
1.Assessing the needs of Your BYOD
One of the key things you can do is to brief or engage your employees and staff in talks regarding the use of their devices in the organization for business transactions. The things you need to find out are;
- Do they access the company server and read emails related to work or the business?
- What operating systems and the devices they employees use in order to access their network?
This information will guide your policies and help you to dictate the scope of your policies and the measures you can take to secure your devices. It can also help you to in making choices of the security softwares you can deploy to protect their devices.
2. Always Educate Your Employees
Endeavour to talk to your employees and team members on the potential risks of using mobile devices in and out of the office including the importance of managing these any related risk. It must be made compulsory for employees to follow security best practices, which include:
- Employing the use of complex passwords for their devices and for any program that is related to work which are accessed using those devices.
These passwords can be set by navigating through the device’s settings. Learn more about creating strong passwords.
- Employing a regular password changing policy. For example, changing passwords quarterly or every 90days. You can use password manager services like KeePass or LastPass which is capable of helping employees manage multiple and regular password changes.
- Always ensuring that system updates and app updates are done once the device prompts for them. This is done in order to protect against any possible security vulnerabilities.
- Being on the lookout for phishing text messages and emails which can be avoided by avoiding to click on such links that prompt them to download files and documents from unknown pages.
- Doing a thorough research on applications before having to download them unto devices. Employees should be discouraged from downloading applications from unofficial or third-party app stores.
3. Strong Protective measures must be implement
Products that will assist employees to build their strength and ability of their devices when used for business should be explored. A very good tool is the Norton Small Business software that performs the function of protecting mobile devices against malwares associated with mobiles.Research has had it that many devices running on Android platforms carry potential malwares and privacy loopholes and greywares which are capable of hindering productivity. However, there have been new products that provide more security including remote locate and lock and wipe features. These features allow mobile users to manage their device security from a central web portal. Consider using a VPN (Virtual Private Network) service if the employees access the company’s network remotely with their mobile devices. A VPN creates a tunnel that is encrypted in the internet which allows traffic to pass through it. There are mobile apps that allow users to connect to a VPN via their mobile devices or smartphones.
4. Acceptable Use should be properly defined
Guidelines should be outlined to clarify and define how employees can use their devices during business hours for business purposes. For instance, you may employ a pervasive policy by allowing your team members to access documents and emails, but prohibiting them having access to sensitive files such as financial data. Websites and apps that are prohibited from accessing with the company VPN during work hours should be specified.
5. Decide how these Guidelines are Enforced
Setup due consequences for any member of your team who goes against any of the outlined policies. Measures could be that if anyone accesses those prohibited apps or softwares during business hours it could result in warning and if anyone downloads or stores confidential files from a malicious app, such persons will not get funding for their mobile devices.
These measures should be outlined clearly with how any potential violations will be handled.
If you run a business or an organisation that encourages the BYOD policy, thinking through these steps and few tips should be able to guide you through building a firm foundation and an effective way to manage your infrastructure and protect it from any possible security breaches.
You can learn about a lot of more tips on how to better manage your infrastructure along proper auditing skills from SOUTECH ventures. We offer the best IT consulting solutions to our clients in Abuja, Lagos and Port Harcourt. Subscribe to our Ethical hacking course and learn more.