View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
May 14, 2014updated 22 Sep 2016 1:21pm

Your 5 step guide to solving the BYOD security headache

CBR partners with Piers Daniell, founder and MD of Fluidata, to help you bring mobility chaos under control.

By Duncan Macrae

BYOD is a burgeoning trend. People receive work emails on their personal smartphones, use their home computers to work remotely and think nothing of using personal USB sticks to hold work documents on as they flit between work and home.

Many businesses have introduced policies and procedures to support this new way of working, and even embraced it. However, Gartner forecasts that 20% of BYOD policies will fail by 2016. While employees like the benefits of BYOD, they don’t like the restrictions placed on the use of their own devices and are likely to rebel. Even if businesses refuse to allow BYOD, there’s no way of enforcing this, apart from preventing a direct connection to the network.

The rise of BYOD means that businesses not only have to protect against issues with the device, but also with the habits and behaviours of the user. In the future, securing the corporate network will be as much about conversation with employees (and trust) as it will be about stringent security measures.

Business systems are becoming more integrated, boosting productivity and saving time and money. But that interconnectivity brings greater vulnerability. Businesses need strong, secure networks, and reliable, flexible Internet connections (with watertight SLAs) if they want to be prepared for the future that awaits them.

This, of course, has introduced new issues into the workplace. Ten years ago, businesses were deciding whether or not to allow people to access their private email accounts through Hotmail or Yahoo using their work computers. There were concerns about productivity and some employees sending confidential company information to people they shouldn’t, but really when we look back on it, would businesses like to go back to this seemingly simpler time?

Businesses now not only have to monitor and secure the internal network of desktop PCs and laptops but everything else that an employee uses for work.

Content from our partners
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business
When it comes to AI, remember not every problem is a nail

BYOD has revolutionised the way we work, but it has brought not just a headache but a full scale migraine to the IT department when it comes to security and data control.

So how can a business manage it? Piers Daniell, founder and MD of connectivity solutions Fluidata, offers his 5 tops tips…

Introduce mobile security policies

The answer is not to have a knee jerk reaction and put in place policies that actually hinder employees and break down some of the benefits BYOD can bring to an organisation. If the policies are overly restrictive, employees will either cease to be as productive when out of the office, or they will find ways around the policies in place, ultimately taking unnecessary risks to do their work.

Balancing act

Businesses need a careful balance between securing users’ devices and allowing them to work in the way that best suits them. However, there will always be an element that the IT department can’t control: human error. Whether that is accidentally sending an email to the wrong person or giving someone their password, there is no firewall or policy that can mitigate it.

Connectivity through Wi-Fi

Employees need to know that they have to use secure Wi-Fi when logging on to do work. Free public Wi-Fi puts data at risk, as it’s easy for hackers to intercept the signal, or set up their own Wi-Fi networks to get people to connect to them. It’s not just financial details that they want, but the passwords used to access the corporate network, or emails. A more secure method is to set up a mobile hotspot using your smartphone.

Even the office Wi-Fi can be more secure by taking extra steps like creating a guest network for non-employees, checking for rogue access points and even hiding the network name to make it less of a target. Technologies such as Meraki’s application manager for their wireless access points allow IT managers to keep a track of who is using what and from what device aiding security and performance.



Continuous monitoring

As we all know, as soon as one risk or threat is stopped, another comes along. Unfortunately no matter what we do, corporate networks are under constant attack from spam, viruses, DDoS attacks or something even more sinister like data theft. So as well as security, it is important to have in place the tools that not only monitor for these threats but also alert you as they happen, so you can take the necessary steps.

There is no way to prevent all attacks on a network, so being able to continuously monitor it is essential for risk management.

Device detection

BYOD has also increased the complexity of this monitoring, as a business cannot monitor a device on its network that it doesn’t know about. By working in conjunction with IP monitoring tools businesses are able to scan the network traffic and detect any new devices.

Implementing the latest in security technologies can only go so far in protecting a business. Technology needs to go hand in hand with strong guidelines and education of employees. Collaboration between the IT department and users is so important, as each needs to be as invested in protecting the company as the other.



Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.