Best Practices for a Secure BYOD/PC Policy

Brought to you by:

www.advancedbusinesssolutions.com

What is BYOD???Bring your own device (BYOD)

(also called bring your own technology (BYOT), bring your own phone (BYOP),

and bring your own PC (BYOPC))

refers to the policy of permitting employees to bring personally owned mobile devices (laptops,

tablets, and smart phones) to their workplace, and to

use those devices to access privileged company

information and applications.

It’s becoming a BYOD worldand we just live in it

To ensure that you are able to meet the growing expectations for BYOD/PC and its success, it will require a combination of policies, technology, and processes.

BYOD. Give it to me straight.

Pros Cons Productivity is Up

70% of employees w/smart

phones regularly check their work email.

Increased Employee Satisfaction

Employees are able to be mobile and still have access to the files the need.

Cost SavingsEmployees are more willing to

purchase their preferred mobile device.

Managing SecurityConsider the loss of a mobile

device or data ending up in the wrong hands.

Retrieving DataIf an employee exits the

company, how would you regain control of said data?

Appropriate Use of Technology

Not exactly easy to control how someone uses a personal device.

Establish Clear Policies and Expectations

Once you have identifi ed your

technology approach, you wil l

then be able to create a BYO pol icy appropriate to your

needs and set expectations

appropriately.

Some Points To Consider

Device options/platforms supported

Is this a company wide program?

Reimbursement Terms of usage Support of the device What happens to data when an

employee exits the company?

Create a Secure and Separate Workspace

Container based solutions can make a personal device run as if

it was a corporate device. This way employees are

able to run files in a company restricted infrastructure. The container is also

encrypted, which secures data, even if the device is

lost.

Keep Your Network Protected!

Maintain separate networks for

employees and guests. Employees

using personal devices should use the guest network & can only access

company data through a secure

workspace.

Be Sure To Have A Reasonable Password Policy

Authentication is important but i f the

pol icy is too complex (12 characters, no

numbers, only #/@?*, change every other week, etc.) i t wi l l

drive employees to less secure

behaviors… l ike writ ing it down. Be

sure to balance security w/

productivity.

Address Compliance and Risk Management Mandates

Addressing this wi l l minimize r isks associated w/

instal l ing corporate apps and data. Keep

your company container completely

separate from personal data so that it is easi ly

removable i f an employee exits the

company.

A BYOD agreement checklist recommended by the Security for

Business Innovation Council includes:

Ensure that end users are responsible for backing up personal data;

Clarify lines of responsibility for device maintenance, support and costs;

Require employees to remove apps at the request of the organization;

Disable access to the network if a blacklisted app is installed or if the device has been jail-broken; and

Specify the consequences for any violations to the policy.

Source: “Realizing The Mobile Enterprise,” Security for Business Innovation Council, published by RSA Security.

To BYOD Or Not To BYOD?

While BYOD can be helpful, it can also be harmful if not implemented with the right strategy. Before moving forward, make a pro/con list and list of questions to see if your company is ready. Then let us help you build a concrete strategy that aligns

with your companies overall technology strategy.

ADVANCED BUSINESS SOLUTIONS PROVIDES IT SERVICES TO

BUSINESSES IN LOUISVILLE, KENTUCKY, AND SURROUNDING REGIONS. FROM

ONSITE TROUBLESHOOTING TO REMOTE MANAGEMENT AND

ENTERPRISE-WIDE DESIGN, WE OPERATE AS YOUR COMPANY’S FULL-

SERVICE IT DEPARTMENT.

502-896-2557www.advancedbusinesssolutions.com