Did you think you were just getting used to BYOD and juggling the benefits it brings with the security risks it also entails? Well, get ready, because there is another Bring Your Own phenomenon on the way, and it will potentially bring more headaches to already stressed out IT departments.
The new phenomenon is Bring Your Own Network (BYON). This is, as the name suggests, when employees use their mobile phone’s cellular connectivity to set up a personal hotspot. This means they can, in some cases, bypass the corporate network and access websites, apps and other services that are otherwise banned by IT.
Users could also potentially access corporate information and sensitive data on these networks, which are usually unsecured and unmonitored by IT.
In some ways this presents similar issues to BYOD; ensuring sensitive corporate data remains secure and protected while allowing workers all the tools they need to be productive. However, while IT can put rules and policies in place to govern mobile devices, such as Mobile App Management (MAM), securing networks set up by employees could prove more difficult.
There are of course regulations in place to ensure data is protected. The Data Protection Act (DPA), PCI DSS and ISA’s ISO270001 all govern how businesses should look after data, who they should allow to access it and what to do in case of a data breach. What is important to realise is that wherever the data is, and whoever and whatever is accessing it, it remains the responsibility of the business to ensure its protection.
That’s why data protection is so important. The penalties for data breaches are severe – not just financially but also in terms of potential damage to a company’s reputation. That doesn’t mean businesses have to protect each and every device and ban workers from accessing sensitive data – that will just lead to frustrated workers who will take more risks in order to get their jobs done, such as creating their own network.
If the data is protected at its source, and who and what can access it is strictly controlled, then IT does not have to fear the rise of BYON.
Having MAM in place could negate the need for employees to set up their own personal networks, while also ensuring businesses comply with the regulations mentioned above. IT will be able to control the device as if it was one it had provisioned, allowing it to access all necessary applications and data while keeping the employees personal data completely separate. Workers are free to use the device exactly how they want.
For IT workers, it may seem like there is a new problem to solve each and every day when it comes to workers and their mobile devices. If it’s not a lost device it’s employee-owned devices or, as we’re seeing now, employees setting up their own networks.
But the key here is to protect what’s important: corporate data. Don’t worry about the devices themselves. Control the access. Control who can access corporate data, what they can access, where they can access it from and what devices they can use. Get that aspect right and BYOD and BYON can become easy to handle and act as a great enabler for workers to be more productive.