Resource Center

7 Best Practices for BYOD

1. Implement remote wipe from the enterprise 1. Implement remote wipe from the enterprise

As the number of personal devices being used grows, the chance that one of them will be lost or stolen also increases. Given that, a remote wipe that can be generated from within the enterprise can prevent many headaches in the wake of misplaced devices.

2. Provide simple workable solutions that even novices can use 2. Provide simple workable solutions that even novices can use

Your workforce contains varying levels of technology aptness. Therefore, the solutions provided need to contain appropriate functionality and be easy to use. 

To provide the agility needed to manage work on a personal device, solutions should allow users to log-on to the user interface and access a list of their enrolled devices. From there, they should be able to locate their device, lock it, reset its password or wipe it. The user interface should be able to self-audit the device and report compliance issue.

3. Build a facility to deal with terminated employees 3. Build a facility to deal with terminated employees

Even before an employee leaves the enterprise they are a security risk. That risk is magnified once the process of termination begins – whether voluntarily or involuntarily.

4. Protect sensitive and personal information 4. Protect sensitive and personal information

Personal devices are full of personal information, documents, and applications that are on the device for non-work purposes. There should be a way to identify personal- versus corporate-owned devices, and apply a particular policy to hide the personal information from IT administrators.

Advertisement
5. Implement a records management policy for business records 5. Implement a records management policy for business records

Records management is a critical compliance requirement and should be controlled by the enterprise and not left to the individual user. A clear definition of what is a business record and how it should be saved and archived should be defined.

6. Isolate corporate data 6. Isolate corporate data

When supporting BYOD, you need to be able to isolate corporate data on the device, which includes, but is not limited to: Mandated records management requirements for archive and reviva, disaster recovery and business continuity implications, e-mail accounts, VPN and wireless settings, enterprise applications that have been pushed down and documents.

7. Continuously monitor automated actions 7. Continuously monitor automated actions

The enterprise should have the ability to monitor the state of each device accessing the network whether it is approved or not. 

Answering simple questions – Is the device enrolled? Is it in compliance? Does it have any new applications? – will allow the enterprise to make adjustments based on the data you’re seeing. This information will tell you if you need to make new policies or compliance rules. Options that you can take include, but should not be limited to, sending a notification to the user with steps to be taken, blocking the device from accessing the corporate network and/or e-mail and wiping the device (full or selective wipe).

This outline is based on suggestions from consultancy Janco Associates, and is based on a slide show created by our sister publication, Insurance Networking News.
For more thought leadership and news on BYOD and mobile BI, click here.

All images used with permission from ThinkStock.

Advertisement

After defining compliance, cultural and operational requirements for BYOD, how do you get the policy side of the equation in place? Here is a slide show of best practices for establishing your personal mobile use policy.

 

Login  |  My Account  |  White Papers  |  Web Seminars  |  Events |  Newsletters |  eBooks
FOLLOW US
Please note you must now log in with your email address and password.