Allowing workers to use personal phones and tablets to do their jobs has created security risks in the workplace, but those risks can be minimized if they’re managed. What should such a risk management program do? “The first step is you have to protect the device,” said IBM Application, Data and Mobile Security Director Caleb Barlow. “That includes everything from provisioning and deprovisioning a device to insuring that you have a way, if the device is stolen, to wipe — in a legally defensible way — the enterprise data off it,” he said.
It may become a tough task for the IT manager to prevent any risks while the workers are using all the possible devices to share sensitive information. Especially when a company is big enough.There may be thousands of scenarios of how the data may disappear or leak.
In my opinion BYOD is the future of business because the mobility and flexibility it provides is truly outstanding. There is no going back from this trend, so I think companies should concentrate on risk management and educate their employees on how to use their devices properly in order not to cause any problems with company's data. As for the security and backup solutions, Acronis, for instance, can really provide protection for important data without too much discomfort for users.
I personally find the policy of BYOD quite handy and cost-cutting for companies. I don't any problems at all for the company if they allow such policy. Any firm has only provide some secutiry measure by setting up monitoring and backup software. The choice of such tools are superb and it can satisfy anyone on the market. For example, our company has recently decided to have Acronis as a new backup solution. We hope to get more protection in the company.
BYOD is a big test of trust in a corporate enviornment, and the question to data access and security between personal and business data is the $1 millon question. We were looking to bring in a larger MDM system for BYOD at our hospital, but the doctors (who own the hospital) felt it was to intrusive since they all wanted to use their own devices, but didn't want IT to have total control over them. Still, they wanted the ability to send HIPAA compliant patient info (mostly text messages) to admin and other doctors. We changed our stratagy and started looking for individual apps to deal with the various security issues. Example: to allow for HIPAA text messaging, we got an app (Tigertext.com) which is HIPAA compliant, and installed it on all the doctors devices. It auto-deletes the messages after X period of time, and IT can still wipe the device if it is lost or stolen, but the doctors didn't feel it violated thier 'privacy' which made it acceptable to them. They accepted the app, because they had a role in choosing the option of MDM or the app.
Loading ...
BYOD Security Is All About Juggling Risks
Posted by: John P. Mello Jr. September 23, 2013 09:00 AMAllowing workers to use personal phones and tablets to do their jobs has created security risks in the workplace, but those risks can be minimized if they’re managed. What should such a risk management program do? “The first step is you have to protect the device,” said IBM Application, Data and Mobile Security Director Caleb Barlow. “That includes everything from provisioning and deprovisioning a device to insuring that you have a way, if the device is stolen, to wipe — in a legally defensible way — the enterprise data off it,” he said.