The Bring Your Own Device (BYOD) policy has become commonplace in many workplaces. With more and more individuals bringing their personal devices to work, IT professionals face the task of balancing employee freedom with security risks. Given the growing storage capacities of laptops, tablets, and cell phones, these units can contain millions of records of confidential data.
This article focuses on end-of-life strategies and best practices to mitigate data breaches common to personal devices.
Written Policies
All organizations MUST have a BYOD policy. If your company allows personal devices to be used for in-house work, there MUST be clear policies regarding security. Companies that do not allow employees to use personal devices should explicitly state that in their policy guidelines.
Create SOPs to Address BYOD
These policies should outline what is expected of employees in advance of using their personal devices, what control the company has over these devices, and mandatory encryption of such.
Options available to employers:
Installation of Enterprise Mobility Management (MMS) software on personal devices. MMS software allows for mobile wiping, locking, encryption, and other security features. However, these features may be expensive for small and medium-size businesses.
Require device-security protocols such as encryption, PINs, remote-find features, and remote-wipe capabilities. Various providers, such as Google, offer these services for free.
The implementation of employee-departure procedures. Company policy must REQUIRE employers the right to inspect and remove proprietary data from personal devices.
Use of a third-party entity to wipe and restore mobile devices. CyberCrunch™ is a division of Commonwealth Computer Recycling and provides BYOD wiping and restoration services.
BYOD can be a great option for both employers and employees, but safeguards need to be in place to ensure that confidential data is protected. By establishing and implementing robust BYOD security policies, employees can take advantage of using single devices for both work and personal use, and businesses can safeguard their confidential information.
Commonwealth Computer Recycling’s CyberCrunch™ division focuses on providing business with BYOD management. Contact us for more information about our BYOD services.