Bring Your Own Device: 3 Tips for Secure Implementation in Your Workplace

When you hire an employee, do you allow her to use her personal tablet or smartphone for work so she can stay connected to the office on the go? If so, your company is part of the growing trend of BYOD, or bring your own device. In fact, 89 percent of businesses worldwide allow employees’ mobile devices to connect to corporate networks, according to a recent survey by the Cisco Internet Business Solutions Group.

BYOD benefits businesses by allowing employees to work flexible hours, at home or on the road. While some businesses achieve that aim by issuing company-distributed mobile devices for work use, I believe that practice will wane. The Millennial generation transforming the workforce is less tolerant of the notion of carrying two mobile devices and more comfortable and productive when using a single device for both personal and business communications. The savvy company will embrace employees’ desire to work from their own devices, including allowing them to use Android, Apple, Windows or whatever mobile platform or operating system they choose.

Related Article: BYOD for Small Business

However, there’s no doubt that having company data accessible from a variety of personal devices carries increased risks of a security breach, whether from hacking, a virus or malware unknowingly downloaded by an employee. That’s why it’s essential that you talk to the head of your IT department or a consultant about measures you can take to protect company and client data, including:

• Implementing a mobile device management system or MDM. Simply put, an MDM is an app your employees load on their favorite tablet or smartphone that allows the company to protect its information and install additional business-related apps. The MDM system will, at a minimum, secure your business data so you can retrieve or erase it without affecting the other data on that device, such as personal photos and messages. These tools can also go further by allowing the company to establish schedules or even locations where employees are or are not allowed to access business data on their mobile device for security reasons. Expect to pay a small monthly fee for this type of service, as most are Internet-based and priced per user. However, the peace of mind for any business owner will be well worth the price.
• Preserving login and email trails. As more of our business software programs are stored in the cloud, business owners need to be aware that hackers may be looking for vulnerabilities in the system. Make sure the system on which you store business data has an audit trail that tracks every employee’s login, as well as what information they upload or download from your company’s systems. Note: This only works if each employee is using his or her own unique username and password. The audit trail will come in handy when it comes to tracking suspicious activity as it happens (for example, dozens of unsuccessful attempts to log into an employee’s account), as well as to find out “whodunnit” after data has been compromised. Many companies are now adding email archive tools, which capture every message employees send and receive, even if an email is deleted from the inbox. These archiving tools are getting less expensive as more people sign up. They can keep messages for years, which you can reference and search through as needed for legal or regulatory requirements. (Consult with your legal counsel to determine whether you are required by law to archive emails to certain standards.)
• Using two-factor authentication. Consider that your employees may be using the same passwords at work that they use on other websites across the Internet. If those passwords get stolen by hackers, they could be used to log into your customer relationship management (CRM) software or your accounting system through the Internet. Installing one extra method of verifying your employees’ identities will thwart that effort. At my company, employees need more than a username and a password when they log into corporate email or use our CRM. With two-factor authentication, a username and password are validated by the software application, then a second method of verifying the user’s identity is required. In our case, an app on our mobile phones displays a secure code that changes every 10 seconds; the employee must enter this code in order to log into our corporate databases. There are many variations of two-step authentication. Your IT department or consultant can advise you on methods that will work best with your software.

BYOD and business security don’t have to be a challenge, no matter the size of your business. Establish a policy on the acceptable use of mobile devices, and make clear to employees the ways in which the company will secure corporate information if it resides on an employee’s tablet or smartphone. There is much to gain from empowering employees to work from anywhere. With a little planning, you can make the experience both productive and secure.

A version of this article originally appeared here.

Author: Robby Hill, Founder of HillSouth, is an entrepreneur at heart. Having started a school supply business in fourth grade, he was working professionally building websites at age 12 for a Fortune 500 company. He took his passion for website design and built a hybrid IT consultancy + website design firm at the age of 17 that now employs over 20 people. His firm recently launched a healthcare IT practice that has propelled it to an incredible growth rate and statewide success.