A well-equipped mobile worker is no longer a “nice to have” or a luxury. It’s a business necessity.
In an economic climate where success or failure is based on the productivity and efficiency of employees, BYOD (that stands for “bring your own device”) programs are flourishing. In fact, the latest CDW IT Monitor survey found 76 percent of organizations now allow the use of personal mobile devices for work-related tasks.
At the same time, IT Monitor also found that one third of IT decision-makers are not confident or only somewhat confident in their BYOD security measures. One in five organizations are not implementing IT security measures or protocols to manage the risks.
To properly implement a BYOD program that offers flexibility while simultaneously addressing inherent security risks, organizations need to look at these devices as assets, not merely as liabilities. IT leaders need to take an objective look at how mobile technology can be used efficiently and effectively, what functionality is required, and where boundaries need to be established.
On the surface, creating a sound BYOD program can seem like a daunting task. It is feasible however, when dissected into three distinct parts: mastering mobile device management, ensuring a sound IT infrastructure, and establishing end-user protocols.
Managing the mobile workforce
On the device-management side, the objective is quite clear: Create an environment in which an organization can manage data in the event a device is lost, stolen or operating in an unsecure environment. To properly manage employee devices, organizations should focus on:
- Providing a choice. One of the primary choices of BYOD is to enhance real productivity. With this in mind, it is important to let people use the device they want to, while ensuring that a reasonable level of safety is provided for the device they choose.
- Maintaining an appropriate level of control. Having the ability to access devices remotely means that companies are better equipped to conduct remote wipes. If a device is lost or stolen, remote wipes can protect sensitive data or documents by quickly removing the information from the device.
- Preparing for uncertain environments. Similar to remote wipes, encryption also helps protect sensitive information if a device is lost or stolen.
Once you build it, the work isn’t over
Implementation does not stop once employees have selected their devices. Organizations need to revisit their IT infrastructure and examine how a BYOD program will impact it. A few areas to focus on are:
- Delivering on your technology promises. An organization’s wireless network needs to be capable of supporting a large number of different mobile devices. BYOD ladders up to meeting business goals, but if a network cannot support all the devices, productivity is lost and employee morale could plummet.
- Offering appropriate network access. Beyond bandwidth, IT leaders need to determine what type of information is truly needed by an end user. For example, access to next year’s strategic planning documents is not necessarily appropriate for a sales meeting. The goal is to quickly and efficiently provide each user with relevant information without granting unnecessary access.
- Creating a desktop experience away from the desktop. Web services, email and calendars are typically easy to access from mobile devices. Some organizations are taking BYOD to the next level by providing virtual desktop infrastructure (VDI). Using this technology, organizations can offer secure methods of guiding mobile devices to a virtual desktop, which allows them to do more while away from the office.
It takes a village
In order for a BYOD program to be safe and successful, there must be rules. When establishing protocols, organizations must look beyond their IT departments. To develop effective protocols, companies should:
- Assemble a multi-disciplinary team. While BYOD security protocols may be created by an organization’s IT leader, input from other departments must be sought. Ideally, protocols should be developed with the involvement of an organization’s HR, IT, finance/accounting, and compliance departments.
- Keep employees in the know. Once the appropriate protocols are in place, they should be reviewed with employees at least annually. The bottom line is that while the actual device is owned by the coworker, an organization has control over the data.
- No one under the radar. Developing an effective BYOD initiative should support and enable the user in a way that gives them no reason to go “under the radar.” Sufficient device choice and the practical protocols will help ensure compliance.
The road to BYOD implementation will vary for each organization. Remember: Although BYOD programs can introduce additional security risks into an organization, allowing employees to use the mobile devices of their choice for work related tasks provides flexibility and drives productivity. In the end, it is a win-win for organizations and their employees.
Doug Eckrote is senior vice president of Strategic Solutions and Services for CDW, a leading provider of technology solutions to business, government, education, and healthcare. Eckrote is responsible for CDW’s complex technology services including assessment, planning and design, business continuity, virtualization, collaboration, security, mobility, data center optimization, and cloud computing.
Image courtesy of David Hammonds, Shutterstock