Bring your own device (BYOD) is a concept that took hold after the invention of the smartphone. When phones got smarter, software developers began creating apps for those phones. Over time, mobile device use has overtaken desktop use at work.
According to Microsoft, mobile devices make up about 60% of the endpoints in a company network, 60%! They also handle about 80% of the workload. But they’re often neglected when it comes to strong cybersecurity measures.
At Allixo we have found this is especially true with employee-owned mobile devices. BYOD differs from corporate-owned mobile use programs. Instead of using company tools, employees are using their personal devices for work. Many businesses find this the most economical way to keep their teams productive.
Purchasing phones and wireless plans for staff is often out of reach financially for many companies. It can also be a pain for employees to carry around two different devices for personal and work use.
Unfortunately, we’ve found in many businesses Allixo has worked with, there are no cyber-security policies or data management policies for BYODs in place. You can run BYOD securely if you have some best practices in place. Too often, business owners don’t even know all the devices that are allowed to access their business data. Or which ones may have data stored on them.
Here are some tips to overcome the security and challenges of BYOD. These should help you enjoy a win-win situation for employees and your business.
Define Your BYOD Policy
If there are no defined rules for BYOD, then you can’t expect the process to be secure. Employees may leave business data unprotected. Or they may connect to public Wi-Fi and then enter their business email password, potentially exposing it.
If you allow employees to access business data from personal devices, you need a policy. This policy protects the company from unnecessary risk. It can also lay out specifics that reduce potential problems. For example, detailing the compensation or stipend for employees that use personal devices for work and what apps they can use for accessing company data.
Keep Your Policy “Fresh”
As soon as a policy gets outdated, it becomes less relevant to employees. Someone may look at your BYOD policy and note that one directive is old. Because of that, they may think they should ignore the entire policy.
Make sure that you keep your BYOD policy “fresh”. This means updating it regularly if any changes impact those policies. At Allixo we recommend reviewing any company policies with your staff on a regular basis.
Use VoIP Apps for Business Calls
Before the pandemic, 65% of employees gave their personal phone numbers to customers. This often happens due to the need to connect with a client when away from an office phone. Clients also may save a personal number for a staff member. For example, when the employee calls the customer from their own device.
Customers having employees’ personal numbers is a problem for everyone. Employees may leave the company, and no longer answer those calls. The customer may not realize why and get frustrated with your company and send their business elsewhere.
You can avoid the issue by using a business VoIP phone system that includes a mobile app. VoIP mobile apps allow employees to make and receive calls through a business number. Allixo has helped several clients utilize MS Teams Calling to solve this type of issue.
Create Restrictions on Saved Company Data
Remote work has exasperated the security issue with BYOD. While BYOD may have meant mobile devices in the past, it now means computers too. Remote employees often will use their own PCs when working outside the office.
No matter what the type of device, you should maintain control of business data. It’s a good idea to restrict the types of data that staff can store on personal devices. You should also ensure that it’s backed up from those devices.
Require Device Updates
When employee devices are not updated or patched, they invite a data breach. Any endpoint connected to your network can enable a breach. This includes those owned by employees.
It can be tricky to ensure that a device owned by an employee is kept updated. Therefore, many businesses turn to endpoint management solutions. An endpoint device manager can push through automated updates. It also allows you to protect business data without intruding on employee privacy.
The monitoring and management capabilities of these tools improve security. This includes the ability to safelist devices. Safe listing can block devices not added to the endpoint manager.
Include BYOD in Your Offboarding Process
If an employee leaves your company, you need to clean their digital trail. Is the employee still receiving work email on their phone? Do they have access to company data through persistent logins? Are any saved company passwords on their device?
These are all questions to ask when offboarding a former staff member. You should also make sure to copy and remove any company files on their personal device. Additionally, ensure that you deauthorize their device(s) from your network.
Let Us Help You Explore Endpoint Security Solutions
We can help you explore solutions to a secure BYOD program. We’ll look at how your company uses personal devices at your business and recommend the best tools. Allixo’s “Modern Office” can check all of these boxes for you and more. Contact us today for a free consultation.
Find out what we can do for you: Services — Allixo
Contact Us: Contact Us — Allixo