Imagine for a moment a world where you don’t have to distribute devices to your employees and can instead rely on your team to provide them. With Bring Your Own Device, or BYOD, businesses can leverage employee-owned devices to their advantage for work-related purposes. There is a catch, though: you have to make sure they’re used safely.
What is the Threat Surface Level?
While adding helpful new devices to your infrastructure can be great for productivity, the danger is that each new device is another entry point to your business’ data infrastructure.
If you have more devices on your network, there’s more opportunities for threats to take advantage of them to access your data. Even if the device is something as simple as a smartwatch, it could potentially be another entry point to your business’ network. Therefore, if you want to support BYOD as an operational model, you need to make sure there are policies and procedures in place to keep devices secure and controlled to a certain extent.
In general, you should be practicing appropriate security on any devices that access company data, so this is as good a reminder as any.
Control Your Access Control
Access control is also a hot-button issue with BYOD, as you need to know which devices can access data on your network.
One simple rule to follow is that no one, not even you, should have access to all data on your network. For example, sensitive data used by human resources and payroll should only be accessed by those departments. The idea is that you can limit the danger presented to certain types of data by limiting who has access to it.
We recommend you limit access to data based on job role and duties performed so as to not expose data to threats unintentionally.
What Goes Into BYOD?
There’s more to BYOD than just access control; in fact, we recommend you also include blacklisting/whitelisting apps and remote wiping into your strategy.
Blacklisting and whitelisting gives you the ability to keep your employees from using tools that aren’t approved by your IT department. Furthermore, remote wiping gives you the power to wipe devices even if you don’t have access to them physically. It’s a great way to keep your business secure, even if it's a last-ditch effort.
If you need any help implementing security solutions for your business, Phantom Technology Solutions can help. Learn more by calling us at (800) 338-4474 today.
Comments