How to protect your network while allowing BYOD
Bring Your Own Device (BYOD) policies are changing the business world for the better. With fewer overheads and greater working flexibility for employees, it may at first seem as though you cannot find fault with this approach.
Unfortunately, BYOD comes with its risks. The more devices you add to your business’s network, the easier it is for breaches to happen.
Fortunately, you can have the best of both worlds. With our advice, you can adopt a BYOD policy and strengthen your network against attacks.
Tweak access for BYOD
When it comes to accessing data, different roles have different requirements. For example, in healthcare settings, doctors are likely to need different levels of data access to nurses.
Before incorporating BYOD into your business, arrange for role-based access. In addition to deciding who needs to access different types of data, identify who has a real need to access it remotely. By limiting access, you reduce the number of opportunities someone has to infiltrate your network.
Encourage updates
Operating system providers such as Apple, Android, and Windows routinely offer software updates to their users. In addition to making mobile devices run faster, it’s a reliable way to protect mobile devices against malware.
Each organization has an excellent reason for doing so, too. In 2017, malware attacks were up by 54% in the previous year.
If your users allow their devices to scan for updates automatically, they don’t have a chance to miss out on them. Additionally, they should allow the device to update when it needs to. For minimal effort, they enjoy an excellent trade-off in the form of better security.
Use Network Access Controls (NAC)
Network Access Controls (NAC) allow you to patch software across the devices that can access your network. When the software on devices that can access your network remains unpatched, it’s vulnerable to potential attacks. Relying on the device’s owners to do the work for you isn’t wise, making NAC necessary.
To police this, you can restrict access for those devices that aren’t up-to-date. If you make this process automatic, you’ll significantly reduce BYOD policies.
Request immediate notification of lost devices
Around 60% of people prefer using a smartphone when it comes to BYOD. Unfortunately, smartphones are easier to lose than tablets and laptops. They can slip out of pockets in an instant, and they’re an easy target for skilled thieves.
Make sure all employees who can bring their own device know to notify you if it is lost or stolen. You may want to provide them with an IT point of contact for if this happens.
Additionally, educate them on the ways they can lock their device remotely if it is lost or stolen. For example, they can notify Apple if they use an iPhone or iPad, and the company will block the device.
Use a remote wiping service
Finally, you need to have a way to guard yourself against someone accessing your company’s information if a device is lost. If an employee can’t be certain that their device hasn’t been stolen, you need to be able to remove corporate data from it.
In some cases, devices already come with this capability, such as Apple’s Find my iPhone service. If they don’t, you need to set one up before allowing an employee to use them. You can do this either by using appropriate software or by using a managed IT service.
At BEI Networks, we appreciate the flexibility that comes with BYOD policies, and we want to help businesses stay protected. To discuss making your network safer while allowing employees to use their own devices, contact us.