BYOD: Productivity Dream or Security Nightmare?
Bring your own device (BYOD) programs can be incredibly valuable to businesses, but they aren’t without their security concerns.
Pros and Cons of BYOD
There are two primary benefits to BYOD initiatives in the workplace. The first is the immediate savings generated by not having to provide employees with devices. The second is the greater productivity and collaboration engendered by an increasingly mobile workforce.
Neither of these pros are without their cons, however. The benefit of not having to provide employees with devices comes with the necessity of supporting a much wider variety of devices than most businesses might like. Also, because mobile employees use the same devices for personal and business communications, they tend to take them wherever they go. This is part of how a mobile workforce benefits the company — employees are, effectively, always at work — but it also creates a number of security issues. People tend to be much less security conscious when they are out socializing than when they are at work.
There are ways of making mobile devices, even employees’ personal devices, more secure, but many affect the ease of use in significant ways.
Work Inside the Box
The most common solution to BYOD security is to silo-ize work apps and data inside a virtual container on the device. In a situation where the device is lost or stolen, IT can wipe the work-related information remotely, thereby maintaining security.
There are several issues with the most common implementations of these virtual containers. Generally, the only apps that can be inside the container are those installed by the business. The device’s native apps, such as the address book and calendar apps, must live outside the container. Quite often apps inside the container are not able to communicate directly with apps outside the container. This tends to impede workflow on a mobile device to the point where there’s really no point in using the device at all.
Who Are You, Again?
The answer many organizations have come up with is to increase the amount of authentication required to access business systems from mobile devices. This has a negative impact on productivity and workflow processes and increases the likelihood of a user forgetting a piece of information and thereby losing access — or worse, writing all of their login credentials down somewhere for easy reference.
Building a Better Mousetrap
The key to increasing security without sacrificing usability is to increase authentication, but on the back end rather than in the user space. Contextual analytics, for example, can look at data such as the device’s location, usage patterns, or proximity to other devices and spot anomalies that might indicate device theft or loss. Upon detecting such an anomaly, IT can be alerted or the device disabled until given further instructions from an authorized source.
BYOD programs can reap great rewards for companies that implement them properly. The key to doing so is to find a way to provide an adequate amount of security without sacrificing usability or app interoperability.