Bring your own device (BYOD) refers to the trend of employees using personal devices to connect to their organizational networks and access work-related systems and potentially sensitive or confidential data. Personal devices could include smartphones, personal computers, tablets, or USB drives.

As more and more organizations support employees working from home, maintaining a flexible schedule, or connecting on the go while on work travel or commutes, BYOD solutions have become more prevalent. Some companies may sanction BYOD, while others may consider it part of “shadow IT,” which refers to software or hardware not supported by IT.

BYOD security is an important topic for organizational leaders because personal devices are likely to enter the workplace whether sanctioned by IT or not. In many cases, BYOD solutions can improve employee productivity and morale. But, left unaddressed by IT, personal device access to an organization’s network can present serious security challenges.

IT departments must address if and how they will secure personal devices and determine access levels. Most importantly, a defined BYOD security policy should inform and educate employees on how to employ BYOD without compromising organizational data or networks.

Important elements of BYOD policies include:

• Types of approved devices
• Security and data ownership policies
• Levels of IT support granted to personal devices (if any)

A strong BYOD security policy should be integrated with overall IT security and acceptable use policies. As IT leaders determine the level of support they will apply to personal devices, they must ensure a balance between organizational security and employees’ personal privacy.

A BYOD policy is best implemented and enforced with the support of a BYOD security solutions such as Forcepoint's CASB (Cloud Access Security Broker). With Forcepoint CASB, an organization can identify and categorize cloud apps to access risk and pinpoint which services to allow and monitor. In addition, the solution can apply unique access and security policies on a per-device bases by easily distinguishing between managend and unmanaged BYOD devices. 

The advantages of supporting BYOD within your organization include:

• Higher employee productivity, according to a study that shows a 16 percent boost in productivity over a 40-hour workweek*
• Increased employee job satisfaction and retention through supporting flexible work arrangements
• Increased employee effectiveness due to more comfort and speed with their own devices
• Upgraded technologies are integrated into the workplace without IT spend on hardware, software licensing, or device maintenance

Disadvantages of employees using personal devices on the job could include:

• Possible data breaches due to lost or stolen personal devices or employees leaving the company
• Lack of firewall or anti-virus software applied to personal devices
• Possible IT cost increases if the department determines they will offer support to personal devices
• Lack of network

BYOD solutions can potentially create efficiencies in the way employees work. However, they also introduce vulnerabilities in the network through accessing sensitive data on unsupported and/or unsecured personal devices.

BYOD has both advantages and disadvantages, but its growing ubiquity means that all IT departments must be aware and proactive. Policies on BYOD management are becoming more prevalent within organizations and are important to addressing what can be a daunting security challenge.

*enterprise-cio.com