Before enacting a BYOD policy, an enterprise and its CIO must define several objectives in line with an organization's compliance, cultural and operational requirements. Cost, acceptable use, security and management of the network are just some of these objectives.
1. Implement remote wipe from the enterprise.
As the number of personal devices being used grows, the chance that one of them will be lost or stolen also increases. Given that, a remote wipe that can be generated from within the enterprise can prevent many headaches in the wake of misplaced devices.
2. Provide simple workable solutions that even novices can use.
Your workforce has varying levels of technical aptitude. Therefore, the solutions provided need to contain appropriate functionality and be easy to use. To provide the agility needed to manage work on a personal device, solutions should allow users to log on to the user interface and access a list of their enrolled devices. From there, they should be able to locate their device, lock it, reset its password or wipe it. The user interface should be able to self-audit the device and report compliance issues.
3. Build a facility to deal with terminated employees.
Even before an employee leaves the enterprise, they are a security risk. That risk is magnified once the process of termination begins, whether voluntarily or involuntarily.
4. Protect sensitive and personal information.
Personal devices are full of personal information, documents, and applications that are on the device for non-work purposes. There should be a way to identify personal- versus corporate-owned devices, and apply a particular policy to hide the personal information from IT administrators.
5. Implement a records management policy for business records.
Records management is a critical compliance requirement and should be controlled by the enterprise and not left to the individual user. The enterprise should clearly define what a business record is and how it should be saved and archived.
6. Isolate corporate data.
When supporting BYOD, you need to be able to isolate corporate data on the device, which includes, but is not limited to: mandated records management requirements for archive and revival, disaster recovery and business continuity implications, e-mail accounts, VPN and wireless settings, enterprise applications that have been pushed down, and documents.
7. Continuously monitor automated actions.
The enterprise should have the ability to monitor the state of each device accessing the network, whether it is approved or not. Answering simple questions (Is the device enrolled? Is it in compliance? Does it have any new applications?) will allow the enterprise to make adjustments based on the data you're seeing. This information will tell you if you need to make new policies or compliance rules. Options that you can take include, but should not be limited to, sending a notification to the user with steps to be taken, blocking the device from accessing the corporate network and/or e-mail, and wiping the device (full or selective wipe).
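The monitoring questions and response options in item 7, combined with the lost-device, terminated-employee and personal-data points from items 1, 3 and 4, can be expressed as one decision function. This is an added example, not part of the original article; the field names, action names, approved-app list and the rule that personally owned devices get a selective rather than full wipe are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Assumed allow-list; a real deployment would pull this from its MDM.
APPROVED_APPS = {"mail", "vpn", "docs"}

@dataclass
class Device:
    device_id: str
    enrolled: bool
    compliant: bool
    corporate_owned: bool
    owner_active: bool = True      # False once termination has begun (item 3)
    lost_or_stolen: bool = False   # item 1
    apps: set = field(default_factory=set)

def decide(device):
    """Return the ordered actions for one device under the assumed policy."""
    # Lost device or departing owner: cut access, then remove corporate data.
    if device.lost_or_stolen or not device.owner_active:
        # Selective wipe leaves personal data on a personal device (item 4).
        wipe = "full_wipe" if device.corporate_owned else "selective_wipe"
        return ["block_network", wipe]
    # An unenrolled device cannot be audited, so it gets no corporate access.
    if not device.enrolled:
        return ["block_network", "notify_user"]
    # Out of compliance: block until the user follows the remediation steps.
    if not device.compliant:
        return ["block_network", "notify_user"]
    # Compliant, but new apps outside the allow-list warrant a notice.
    if device.apps - APPROVED_APPS:
        return ["notify_user"]
    return []

def review(fleet):
    """Map device_id -> actions, omitting devices that need no action."""
    results = {d.device_id: decide(d) for d in fleet}
    return {dev_id: acts for dev_id, acts in results.items() if acts}

# Constructed sample inventory, not real data.
FLEET = [
    Device("phone-01", True, True, False, apps={"mail", "vpn"}),
    Device("phone-02", True, False, False),
    Device("tablet-03", False, False, False),
    Device("phone-04", True, True, False, owner_active=False),
    Device("laptop-05", True, True, True, lost_or_stolen=True),
    Device("phone-06", True, True, False, apps={"mail", "game"}),
]

if __name__ == "__main__":
    for dev_id, acts in review(FLEET).items():
        print(dev_id, "->", ", ".join(acts))
```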