A couple of years ago companies were dismissive of BYOD, but as they've realized that the horse left the stable, they are adopting policies and next generation technologies to help manage BYOD. They also recognize that successful mobile security requires a cooperative partnership with employees, so are working with them to determine what policy works best for both parties, allowing BYOD to become part of the enterprise mobile security framework.
+ ALSO ON NETWORK WORLD 12 big BYOD predictions +
As mobile security matures, some of the burden on IT has been alleviated. Thanks to next generation technologies, there are several things enterprises no longer need to do in order to keep mobile data secure. Here are five:
* Invest developer and IT time wrapping apps -- Mobile security in the enterprise used to be synonymous with containerization. Traditional solutions included containers and app wrapping, which relied on software development kits (SDK) to modify and secure applications. These approaches required business development relationships to get access to the mobile application source code and forced developers and IT to invest time to use the SDK to secure the application initially, as well as every time the application was upgraded.
Needless to say, these were time-consuming cycles. However, next generation mobile security offers the ability to secure applications on-demand at the employee's request without the intervention of IT. Next generation mobile security vendors are offering on-the-fly app wrapping that doesn't modify the original app code, as well as the ability to attach dynamic app policies that give security professionals the controls they need. Now IT can confidently allow functional departments and employees to serve themselves, giving them immediate access to the applications they prefer, enabling productivity. Before, IT was a bottleneck having to constantly approve, wrap and maintain application security. Now, IT can allow the employees to use the apps they want, without sacrificing security.
* Use containerized apps and app ecosystems -- The removal of reliance on SDKs for securing apps has eliminated the need to create app ecosystems. Today, enterprises can simply utilize any application available in app stores for iOS and Android as well as internally developed applications. Businesses are no longer constrained to a handful of applications, which have agreed to work with particular mobile security vendors. Now they can move at the "speed of business" and access the millions of mobile apps available today, while preserving the native user experience of the app, staying up-to-date with new versions, and having instant access to emerging applications.
* Require MDM -- MDM doesn't apply in a BYOD world. Employees resist having an application installed on their personal devices that monitors personal as well as work related activity. Additionally, contractors and external vendors won't accept device profiles as they may be working for several different clients and can't share that information. However, by changing the focus from securing devices to securing the data, you eliminate the need to manage devices. Not only can personal and work related activities be cleanly separated, but greater visibility, security and control at the document level is now possible, all without managing the device.
* Infringe on privacy -- The No.1 concern of employees embracing BYOD is privacy. Employees fear their personal activities are being watched and that once they are locked into an MDM solution, their personal data -- contacts, family photos and more -- can be wiped at any time. In order to achieve compliance you need to win the trust of employees, and paying attention to their privacy concerns is key.
Privacy dashboards and dual personas allow companies to not only provide users with visibility into what IT is and is not tracking, but also ensure that only business data (not personal) will be wiped if a security situation arises. Some solutions even grant employees the freedom to un-enroll temporarily and reclaim their phone as a personal device. Whether on vacation, a date night, or just hanging out with friends for an hour, an employee can temporarily opt from accessing work related apps and data, without compromising security.
* Manage devices and apps using multiple dashboards -- With the new era of mobility, IT no longer needs to use multiple dashboards to manage different devices - they can be viewed through a single pane of glass. Web based consoles now support centralized administration of both managed and unmanaged devices for IT convenience. It is now possible to integrate the device, application and user data management in one place instead of entering different portals to manage each one. By providing all three tenants of mobility management in a single pane, IT can make more informed decisions much quicker.
BYOD raises many issues for IT and the enterprise in general. However, there are ways to enable users to bring their own device, enhancing productivity without sacrificing security. Adopting a BYOD policy that is user-friendly and that secures corporate data will ensure that the goals of the enterprise and IT remain intact while ensuring user buy in - a necessary component of any security policy or program.