Photo: Chip Salyards, BMC Software.
With the proliferation of smart devices, employees today expect to seamlessly manage their private and professional lives from the touch of a button on their personal devices.
A few months ago, I came across an article on how the BYOD (Bring Your Own Device) phenomenon was posing a constant headache for companies, despite bans they had imposed on the use of personal devices within the office network. The article cited a common, and rightful, cause for concern among the companies: the fear of compromising business-sensitive data.
Considering how rapidly the IT environment has changed, one can understand why so many CIOs are losing sleep over how best to deal with the explosion of personal devices at the workplace and the insistence of workers in bringing their personal devices to work. With the proliferation of smart devices, employees today expect to seamlessly manage their private and professional lives from the touch of a button on their personal devices.
BYOD — Ban Your Own Device?
In my experience, banning the use of personal devices at the workplace, in order to combat security threats, is not an option CIOs should even consider. Having access to the company network, and by extension to company data, on their personal devices makes employees a lot more mobile and agile. It also allows them to work from offsite locations at any time of the day; they are, therefore, better placed to quickly respond to any unexpected changes to the business environment. In such a situation a BYOD policy, implemented with the necessary security protocols in place, can help companies realise the benefits promised by IT.
Manage smart; manage well
The best way to respond to BYOD is by managing it well. Having a revised, dynamic corporate IT policy can go a long way in keeping your business executives, as well as employees, happy. While there are no standard sets of guidelines, set in stone, on how best to tackle the BYOD phenomenon, here are some guidelines:
• Bolster security
IT departments must ensure adequate security measures are put in place to account for the presence of external devices on company networks. For example, it's imperative to have good identity and access management capabilities and strong user authentication systems in place to make sure only authorised employees are able to access sensitive information stored on company networks. Sensitive company data should also be protected through strong anti-malware capabilities as well as encryption and passcodes.
• Involve your employees in the decision-making process
When defining a dynamic corporate policy on the use of personal devices in the workplace, it is best to involve your employees in some capacity during the decision-making process. By doing this, CIOs can learn about the needs of employees and respond accordingly.
Sign up for CIO Asia eNewsletters.