You’ve read it time and time again. “Bring Your Own Device” isn’t a trend, it’s the future. Workplaces where companies let workers use their own devices for work purposes are the new normal. BYOD attracts new hires and lifts employee morale and productivity. But this doesn’t mean a small business owner should recklessly jump right into BYOD just because everyone else is doing it. Data and network security concerns have to be thought out, defined, and addressed in a comprehensive BYOD policy. Here are three things to consider.
Cost of Support
Most businesses salivate at the thought of the money saved by having employees participate in a BYOD program. With employees using their own devices for work, there is no need to shell out thousands of dollars for desktop PCs, smartphones, tablets, and laptops. While that’s undoubtedly a huge incentive, extra support costs must also be factored in. Chances are your employees aren’t necessarily tech savvy and will need help deploying applications and performing basic yet very necessary maintenance techniques. Unless you have a dedicated IT support team, which most SMBs do not have, you will need to turn to a Managed Service Provider (MSP) in your region for support. A MSP can provide specialized expertise and leverage Mobile Device Management (MDM) tools to keep your network infrastructure and business applications monitored, secured and fully optimized.
Limited Number of Support Devices
Obviously you can’t accommodate EVERY employee-owned device. Limiting the types of devices accepted in your BYOD program will mitigate any need to pay for software or equipment upgrades for outdated devices and keep your infrastructure safer as a whole. It’s important to not be too exclusive, select a broad range of devices and their more recent releases to accommodate the varied preferences/tastes of your employees.
Adopting BYOD at your workplaces will expose your company to more legal risks. Sensitive business or private client/customer data can potentially be exposed if devices are lost or stolen. The personal online habits of your employees can also increase your network’s vulnerability to viruses, phishing, or hacking schemes designed to steal such data. These increased legal risks are another reason why SMBs must take precautions such as working with a MSP that offers a solid MDM solution to ensure all employee devices are configured, deployed, managed and monitored in a manner that prioritizes data integrity and security.
More people today use personal mobile devices like smartphones and tablets for business purposes. Such devices, coupled with greater Wi-Fi accessibility and cloud services, have empowered us with the ability to access data and do business from practically anywhere at anytime.
Needless to say, many small-to-medium sized business owners have embraced the BYOD (Bring-Your-Own-Device) revolution. The benefits are obvious; increased employee productivity, enhanced services to customers/clients, and better overall customer and employee satisfaction.
But what about the potential consequences associated with this mobility revolution? Are small business owners doing enough preemptive planning to address potential risks that could arise with the use of BYOD devices?
Mobile Device Management – Questions Every SMB Should Ask
First, it is important that small business owners honestly assess whether their systems, networks, data, and overall infrastructure are ready for the use of an array of mobile devices.
What particular devices or applications are permissible for work use? Assuming security requirements are in place, not every device or application will meet those.
Will anyone in the company be tasked with the daily management of BYOB strategies? What should BYOD policies cover and what kind of management solutions will be needed? Would a BYOD management tool that collects device information, deploys and monitors usage, and offers insight into compliance be helpful?
Which costs will be the responsibility of the employee? This pertains to any fees associated with usage – from network plans, to the device itself, to software, accessories and maintenance costs.
What data will be accessible? Will data encryption be necessary for certain information traveling through the personal devices of employees? Which employees will have read, write, update/delete privileges?
What is the process when handling sensitive data stored on lost or stolen devices, or the personal devices of ex-employees? Does the company or organization have the right to wipe out the entire device or just corporate data and apps?
BYOD is here to stay as it affords smaller-sized companies the mobility of a corporate giant without a huge investment. But when it comes to ensuring that devices, applications and networks are safe from the variety of threats linked to greater mobility, small business owners may find it necessary to enlist the help of a managed service provider to adequately take on mobile management challenges and provide ongoing consultation.
4 Essential Pieces to Any Small Business BYOD Strategy
Believe it or not, once upon a time, kids at the bus stop didn’t have cell phones and the mobile device strategy of many businesses was typically you’ll take what you’re given, refrain from using it for any personal use, and the data may be scrubbed clean whenever we please.
We’ve come a long way. Today, businesses really have no choice but to let employees use personal devices for work purposes. Blurred lines now make it difficult to differentiate between what is professional and what is personal. A company or organization may partially pay for an employee’s tablet computer or smartphone, but that same device is used to upload photos to Facebook or download torrents of this season of Game of Thrones.
Naturally, security and privacy issues are a concern since these devices synch to the company network. Larger corporations may be able to hire IT support or produce sophisticated BYOD guidelines for employees to adhere to but smaller businesses have limited resources.
In fact, recent surveys suggest that the small business sector is doing very little to preemptively prepare for potential network security risks that could arise with the use of BYOD devices. This could prove to be disastrous.
According to market stats from a survey conducted by Cisco in 2012, approximately 88% of employees are doing business on personal devices. However, only 17% of companies currently have a BYOD security policy in place, and only 29% of companies have plans to implement a mobile device security plan in the near future.
Implementing a comprehensive BYOD policy right now, rather than when it’s too late, is important. We’ve compiled a list of four items that any business currently building a BYOD strategy must consider.
It must clearly be outlined what specific devices are permitted for work use.
The company/organization must have the ability to remotely delete company-sensitive data from mobile devices without the device owner’s permission. Remote deletion capabilities are much more refined these days; simplifying the removal of enterprise-related data from devices, while leaving other content like personal photos, contacts, apps and music downloads intact.
Employee privacy should be discussed within the BYOD policy since employees often use these devices to check personal email, browse or post to Facebook and Twitter feeds, instant message, and store personal documents, photos, music and movie downloads. Employees must understand that employers still have access to the content stored on these devices. Location tracking, which gives employers the ability to locate employees, is also something to discuss since many people don’t necessarily welcome that kind of surveillance.
It is understandable that BYOD and more mobile employees have some small business owners feeling anxious and nervous. But mobile management tools, periodic conversation, security checks, and research will do wonders when it comes to keeping small businesses safe.
Everyone in the office loves Eric. Sporting a different ironic t-shirt everyday, Eric is the one we call when technology spits in our face. Whether it’s a slow system, a bug that needs to be squashed, a website issue, or a crash that results in unexpected downtime and data loss, Eric is right there. Not only does he get to the bottom of any issue but he also rights the ship like he’s some sort of miracle-working captain who just happens to have a pretty wickedly funny Peter Griffinfrom Family Guy impersonation.
But business is growing and Eric is overworked. Eric has certain skills that you’d love to use to develop innovative applications and revenue-generating projects– but he’s too busy running around fixing things that break. Or he’s performing the most mundane and routine tasks day-in-and-day-out just to keep things secure and running smoothly.
You get a sense that Eric’s overburdened and he’s saddled with too many responsibilities. His demeanor has changed from pleasant to moody. He’s listening to angrier metal and punk music and you’re noticing cracks in his work. You fear Eric is being pulled in too many directions and the reliability of your server, network, and applications, as well as the integrity of your data, are all at risk.
Someone who has watched a bit too much of Donald Trump on The Apprentice might think Eric should be fired. We’re not going to fire Eric. But we’re also not going to hire a full-time salaried Robin to his Batman or Cheech to his Chong. We’re going to help Eric by exploiting IT automation and managed services to handle many of the monotonous tasks making Eric hate his job right now.
Let’s help Eric…..
Focus Primarily on Cost-Cutting and Revenue Increasing Projects: First things first, Eric has to realize that he can’t do everything himself. Where are his skills best used? Whether it’s processes that help drive down costs or ones with the potential to raise revenue, evaluate the projects in the queue and rank them by what impacts the bottom line the most.
Once that’s done, look at the day-to-day processes designed to keep things running securely and efficiently. What can be off-loaded from Eric? Determine which of those tasks can be automated either through the cloud or managed services.
Take to the Cloud: Some IT people fear the cloud spells the end to their job security. Meanwhile, the cloud can actually help them take on a more prominent contributing role in the company’s success. The cloud should be seen as another tool that further eliminates the mundane yet necessary daily drudgery from their workday. Those who work WITH the cloud will find that they have more available time to take on more meaningful cost cutting or revenue generating projects.
Use a Managed Service Provider: Using outsourced managed services not only alleviates much of Eric’s pressure and stress, but also boosts productivity and gives the company a much improved ROI (Return-on-Investment) on their technology investment.
While technology has gotten easier for the end user, it has become more complex on the backend with the advent of virtualization, cloud computing, and advanced infrastructure.
Using an MSP gives Eric access to a trusted advisor, a 24/7 help desk, remote monitoring and management tools, mobile device management tools, and much better disaster recovery and business continuity solutions. All without the overhead that comes with hiring more help for Eric. MSPs offer a consistency to not just your end-user but also your main IT guy who will certainly appreciate the help.