BYOD is no longer a what-if. Judging from various studies, adoption of “bring your own device” policies has become commonplace, with upwards of 70 percent of businesses embracing this approach. But how well are those devices secured?
That’s the multimillion-dollar question. A recent online survey of midmarket companies by Good Technology found that those with BYOD policies “had twice the security concerns of those who don’t.” In addition, “65 percent of users working in midmarket organizations with formal BYOD support are concerned about privacy.” That compares with 35 percent in companies without BYOD.
These findings go to the core of what makes BYOD, though appealing in many ways, a risky proposition. Securing a hodgepodge of devices chosen by individual users, rather than through a corporate IT vetting process, can be a nightmare.
Aside from control and security issues, BYOD may end up costing more than paying for and issuing devices to employees. When you have to secure multiple mobile platforms, your IT security team needs the proper tools and expertise. That means you’ll be spending more on security and management, which is still preferable to suffering a costly data breach.
You can’t skimp on mobile security, especially with a BYOD program in place. You’ll need technology and processes to encrypt devices, authenticate users, block unsanctioned applications and websites, perform routine security audits, and deploy wipe capability for lost or stolen devices.
Imposing strict security controls on employee-owned devices brings up privacy concerns. Users aren’t likely to welcome employer access to personal contacts, applications, email and messages. But containerization addresses this issue by separating employer data from that of the device owner’s.
Another BYOD concern is the potential to overload WiFi networks and strain bandwidth, so organizations should address infrastructure and bandwidth questions before adopting a BYOD policy.
But BYOD isn’t all bad. In fact, it may still be the way to go, as long as you address the potential risks. There’s much to recommend BYOD, including budgetary reasons. Not having to pay for devices, data and voice plans, as well as device refreshes for hundreds or thousands of users, can produce significant savings.
BYOD eliminates a capital expense, and even if you give employees a mobile device allowance to pay for their plans, you’re bound to come out ahead. It can also eliminate overhead costs by eliminating office space in favor of telecommuting where appropriate.
Giving employees a choice of device creates goodwill and boosts productivity. Users won’t have to spend time learning the device, and if they enjoy working on it, they’ll be happier and more productive.
A BYOD policy also supports a company’s mobile and cloud strategies. As organizations endeavor to become more agile, mobile apps can help them respond to changing market dynamics and meet customer needs.
So should you implement BYOD? That depends on how well you address management and security challenges. Giving employees choices is usually a good move, but you’ll want to know what you’re getting into before making that decision.
Read more about securing your mobile users including BYOD