With a record-breaking number of iPads (22.9m) and iPhones (47.8m) sold in Q4, it’s no wonder tablets and smartphones topped the most popular Christmas gifts lists across Europe in 2012. Many of these devices will find their way into corporate networks and put sensitive company data at risk.
The surge in bring-your-own-device (BYOD) means IT departments need to adapt to demands from the user and ensure data is secure and available regardless of where it gets accessed. With careful device configuration and monitoring policies, simple file access, security solutions and the right planning, enterprise IT can control the risks and focus on the benefits of BYOD.
Here are five suggestions to IT managers preparing for the flood of privately owned mobile devices into the workplace throughout 2013:
- Adopt mobile device and file management (MFM) solutions
Companies need to ensure employees enrol any personal device that accesses the network into a corporate MDM system and combine it with a secure MFM system. This will automatically ensure secure access to corporate email and files. It will manage the necessary restrictions and policies that need to be applied, such as the requirement of an unlock code to access the device, secure and role-based access or blocking of a certain device from entering the network at all. A MDM system will also help to lessen the damage caused if a device is lost or stolen. MDM can easily erase sensitive corporate data remotely. In addition, it enables a company to set up a list of approved apps for business use and control file access strictly but efficiently.
- Conduct regular security audits
Adding more devices with different operation systems and diverse ways of connecting to a company’s network or IT systems will lead to more security challenges. Identifying them all is not a job any administrator can manage. Companies that want to profit from a more connected, data-driven workplace need to make regular security audits mandatory. They need to check the devices that connect to the network and to ensure the employees using them are treating confidential data reasonably, and to search for weak points in the security architecture. The overall goal of such audits is to discover which security issues need to be eliminated through more thorough configuration, additional technology, new guidelines or training for the employees.
- Integrate with a central management tool
While mobile device management will play a big role for any IT department, it will be easier to manage if it is integrated into the central network management tool. This will allow for continuity across the administration of the network and ensure a level of monitoring that meets any compliance regulations. It also lets the administrator know the exact details of a device accessing a file at any given time.
- Provide simple solutions
Employees need to have access to the right tools, otherwise they will opt for unsafe consumer-grade alternatives which are readily available. With the right solutions companies can manage file access securely. Synchronisation and filesharing can be managed by the company’s IT department. An ideal solution will include enterprise-grade security while guaranteeing all updates to files are sent back to the company’s servers and are part of its backup and archiving routines.
- Set up a business continuity plan
As the network becomes more and more complex to protect, administrators need to ensure that a quick recovery of IT resources is possible with very little impact on the business operations in the event of failures and problems. Every company needs to set goals for defined recovery points and recovery times. Planning for the worst with a comprehensive business continuity plan is key. Administrators and (in some cases) users need a step-by-step instruction guide on how to restore a business critical system that has failed. A unified backup and recovery platform that can protect data on any device anywhere in the business needs to be in place to support it. Inevitably, employees will lose or break their personal device at some point or another, and a company-wide plan will enable them to report the incident so IT can quickly wipe sensitive data from the device and deny it access to the network.
In today’s society, anything less than ‘instant’ is too slow. But with instant, anywhere access to company data and applications, come inherent security concerns. Organisations of all sizes need to seize the opportunity to create a more connected, data-driven workplace. The bottom line is: Sensitive data may travel outside the four walls of your organisation, but not outside the control of IT.