Mike Pesina is the Manager of Internal Systems & Technologies at Velocity Technology Solutions. He has been with Velocity since 2012.
Not too long ago, Gartner outlined its Top 10 Technology Trends for 2014
, one of which really struck a chord with us here at Velocity: Mobile device diversity and management.
Gartner warns of the unexpected consequences of bring your own device (BYOD) programs, where lines of business or even executive level staff green lights the use of personally owned devices within the enterprise. BYOD can triple the size of an enterprise’s workforce because employees can choose to sign into the network and get their work done at any time, and from any location.
On the one hand, BYOD makes a lot of sense; enabling employees to use a device of their choosing saves on hardware costs and increases productivity. On the other hand, it opens the enterprise up to undeniable risk. Consider that employees can easily:
- Use a host of apps that are out of corporate or regulatory compliance (e.g. send Facebook private messages while on a trading floor, or a use a built-in phone camera in a restricted facility)
- Download company confidential information to their home computer, or sync it with their Dropbox account via their tablet
- Sign in to Salesforce or HR database to retrieve personally identifiable information (PII) data via an app with a sub-standard level of encryption, or via a non-secured Internet connection in a coffee shop
To mitigate these risks, IT departments need a suite of tools that help them monitor who accesses the software systems and sensitive company data, and under which conditions. Multiple layers of defense are required to protect your business from data security breaches. Velocity uses multiple layers of spam management in its mail collaboration system alone to protect who can access this data. Another example of a tool that can protect your data is to force mobile devices to connect to remote terminals such as Citrix or Remote Desktop Services which allows the data to stay local to the employers system and not transferred to mobile devices. Adding proper network security which forces users to use VPN solutions to access the company’s resources further strengthens the overall security strategy one offers. The key is to ask yourself, ‘How does my business protect its data, as well as its customers’ data?’ Proper network and infrastructure security are critical in the overall methodology and approach required to protect a company.
All of these devices add new challenges to IT. For instance, how can IT monitor software performance if employees access enterprise systems from outside the corporate network? Or ensure that negotiated service level agreements (SLAs) are met? And how can IT ensure that its systems are optimized for each device used by employees?
A strong IT department requires pro-active management tools that help them monitor items such as software usage patterns, auditing, asset discovery/inventory, and policy management such that one can record the volume of transactions that succeed (or fail) by device type, region, office, department and even individual.
These are urgent issues given that employees who bring their own device into the enterprise typically bring their own cloud-based app as well, including storage and back-up apps that allow them to bring company sensitive data and files wherever they go. It’s no surprise, therefore, that Gartner wisely recommends:
“Enterprise policies on employee-owned hardware usage need to be thoroughly reviewed and, where necessary, updated and extended. Most companies only have policies for employees accessing their networks through devices that the enterprise owns and manages. Set policies to define clear expectations around what they can and can't do.”
Creating a bulletproof policy is merely the first step. IT leaders will also be required to review these policies and adapt. Reviewing policies is one thing; enforcing them is another. To do that IT needs to gain complete transparency, insight, and control over who accesses enterprise applications, as well as how efficiently those systems are able to support – and secure – the business. Protecting customers’ data should be the #1 responsibility and constant commitment.
For your organization, one thing is certain: Insight and transparency into employee-owned devices is a top concern for 2014 and beyond. Now is the time for business leaders to create and mold their business technology and incorporate BYOD as this movement is here to stay. Offering means to an employee’s ability to work anywhere and anytime is necessity for your business to succeed in the long-term.