Lindsey Donato
Senior Consultant 

As technology advances and new mobile devices emerge daily, businesses need to continuously evolve their security strategies in order to protect their organizations. There is a rise in employee demand for workplace flexibility, the ability to work remotely and while on the go. More and more millennials are taking over the workforce and insisting management allow them the use of their own mobile devices for work. CEOs are also pushing for more flexibility in their IT environment. Salespeople want to make engaging presentations without bringing along paper documents. The Bring-Your-Own Device, (better known as “BYOD”), movement is inescapable. The trend is innovative, and it may increase productivity, but it is also places increased pressure on IT departments to manage and secure data and devices. CIOs and IT departments must craft a policy that delicately balances the privacy rights of its employees with the company’s right to access, monitor, disclose and protect company data. So how do they do it?

BYOD Security Policy

IT security policies vary by industry. The type of data that a company obtains, processes and publishes will determine which regulatory requirements and compliances must be followed. Organizations need to be particularly careful if Payment Card Industry (PCI) data or Health Insurance Portability and Accountability Act (HIPAA) content is part of their day-to-day operations. Organizations should thoroughly review all pertinent compliance areas for their business to ensure critical security issues are addressed. The following eight steps can help businesses get a handle on how to safely approach BYOD:

  1. Review Current Security Policies and Set New Policies as Needed
     
  2. Educate the Staff and Set Clear Expectations
     
  3. Plan Ahead and Make Some Determinations About Acceptable Devices
     
  4. Classify User Groups and Data Types
     
  5. Require a Personal Identification Number (PIN)
     
  6. Implement Mobile Device Management (MDM) Software
     
  7. Plan For Missing/Stolen Devices
     
  8. Review Policy Compliance Regularly

Every business is different and security needs will vary. But regardless of industry, BYOD will make its way into the business technology landscape. By planning appropriately, implementing security measures and MDM, maintaining inventory of devices and knowing what to do when one goes missing, companies can embrace this trend. Employees can work remotely, efficiently, freed from their desks, while employers, technology departments and CIOs can still sleep at night.

BYOD Best Practices Guide

 

Sources Used:

http://www.cio.com/slideshow/detail/103232#slide1

http://www.zdnet.com/10-steps-for-writing-a-secure-byod-policy-7000006170/

http://www.networkworld.com/community/blog/six-tips-byod-security-ibm

http://searchconsumerization.techtarget.com/tip/Mobile-device-management-checklist

Litigation Support Services

Advisors | Auditors | Consultants | CPAs – BlumShapiro is one of the premier consulting firms in New England and a Top 100 CPA Firm in the U.S. Our professionals serve companies in Boston (MA), Hartford (CT), Cranston (RI), Shelton (CT) and Quincy (MA) with technology consulting, business valuations, litigation support, project management, process & controls and bankruptcy consulting services. We are a Intacct Partner offering accounting software including Cloud ERP solutions. Learn more about our City of the Future offerings.