Everyone has an opinion about Bring Your Own Device policies. Regardless of what you think about it, BYOD ranks high on IT’s lists of mobile concerns and has companies and vendors alike scrambling to accommodate the growing proliferation of mobile devices. Still, we’re so caught up in talking about BYOD, that we haven’t considered how to actually create a BYOD policy. Until now.
Everybody Wants to Know
If you've browsed the many mobile management or mobile security groups on LinkedIn, you may have noticed the same question pops up now and again.
Business owners and IT managers alike want more information about how to create a mobile device management policy or a handy guide to help them through the process. The folks at Symantec noticed, too. They consulted the members of more than 65 groups to get a better understanding about how to approach creating an effective BYOD policy.
The results are presented in an info graphic (created by Render Positive) that helpfully takes IT managers through a flow chart of next steps and considerations.
Bring Your Own Device need not be so complicated. As more companies look to mobile applications as the next frontier of productivity and competitive advantage, the need to leverage the devices employees already own and know how to use effectively is more important than ever. But if employees are not accepting of the controls imposed to protect corporate data, company BYOD initiatives can go nowhere fast.
Focus on the Source, Not the Device
To be successful, a strategy should address the complex BYOD issues by focusing on the source of concern, the data itself and the applications that access it. Instead of trying to control the entire device, companies can intelligently apply controls to individual applications, without touching or affecting the rest of the device or the users’ personal stuff.
But it’s not just the device, it’s what’s on it that also needs to be addressed. Considerations must be made for both native apps, those installed on the device itself and cloud apps and services, and those accessed directly from the mobile device, typically with no corporate visibility.
- Are the appropriate controls and security policies being applied directly to each app, according to the regulations and risk tolerance around the data being accessed, stored and transmitted?
- Have you established an identity-controlled portal for monitoring the business use of cloud apps?
- Are users able to use single sign-on functionality to simplify access, while allowing IT organizations to control, limit and revoke access to third party apps and services from a central console?
An effective BYOD policy addresses the Who, What, Where, Why and How of mobile device and application management. It’s one thing to limit what employees can do and use, it’s another thing to have the right infrastructure in place to monitor and manage it.