10 Pitfalls to Avoid When Implementing a BYOD Program

 
 
By Chris Preimesberger  |  Posted 2014-09-19
 
 
 
 
 
 
 
 
 
  • Previous
    1 - 10 Pitfalls to Avoid When Implementing a BYOD Program
    Next

    10 Pitfalls to Avoid When Implementing a BYOD Program

    by Chris Preimesberger
  • Previous
    2 - Not Communicating With Employees
    Next

    Not Communicating With Employees

    Without open communication with employees, no BYOD program can be successful. A BYOD rollout should flow downhill. Executives should enroll their devices first, communicating the capabilities and privacy features before deploying throughout the organization. That way, employees are aware of what the solution can actually do before they are using it themselves, and see that the management team is committed to implementing BYOD.
  • Previous
    3 - Not Enforcing Passcodes on Devices
    Next

    Not Enforcing Passcodes on Devices

    BYOD devices house all sorts of sensitive corporate data. Documents, emails and images are all susceptible to being lost or stolen if the simple step of setting a password is not taken. Although it seems self-explanatory, many companies overlook this key step in making sure a BYOD program is successful. Once devices are enrolled, be sure to enforce passcodes with a relatively high level of complexity to keep that corporate data safe from prying eyes.
  • Previous
    4 - Not Protecting ActiveSync
    Next

    Not Protecting ActiveSync

    Most mobile devices on the market today have enabled ActiveSync, Windows Mobile software that allows users to sync Windows Mobile and other Windows CE-based devices with a Windows-based PC or Exchange Server. There are certainly benefits to the service. The problem lies in the fact that IT administrators have limited control and insight when it comes to ActiveSync. If a device is lost, for example, administrators have to rely on employees to tell them, giving thieves plenty of time to access sensitive corporate data.
  • Previous
    5 - Not Managing Email Profiles
    Next

    Not Managing Email Profiles

    Consider this one the ghost of email profiles past. Email profiles often remain active even after an employee leaves a company—with obvious security ramifications. To combat that, most administrators are faced with completely wiping devices. With an enterprise mobility management (EMM) system, however, administrators are able to configure and manage profiles, meaning they can selectively remove the profile from a device without touching the other information on the phone.
  • Previous
    6 - Not Enforcing Encryption
    Next

    Not Enforcing Encryption

    Even with a passcode enabled on a device, intruders can still get in. Encryption exists to protect data in that case, but unfortunately many companies do not take advantage of it. Thankfully, there are various encryption options for IT administrators to consider, whether it's the whole device or just a corporate container.
  • Previous
    7 - Not Providing Education and Training to End Users
    Next

    Not Providing Education and Training to End Users

    Organizations today are sensitive to users who do not choose to enroll in EMM for privacy reasons. Administrators stand to gain important insight from some of the most sensitive tools, such as keeping lists of downloaded apps and keeping track of the location of a device. The key here is to communicate openly with employees and let them know what is being tracked and to allow them to opt out if desired.
  • Previous
    8 - Not Setting Minimum Requirements on OS Versions
    Next

    Not Setting Minimum Requirements on OS Versions

    With new operating systems—or versions thereof—coming out frequently, employees are sometimes behind the curve when it comes to downloading the latest version for their BYOD devices. This is bad news for employers, as older versions may have vulnerable apps or information, making any older device a weak link. To combat this, administrators need to be able to monitor and enforce updates and be able to employ tactics like blocking emails if devices are not updated.
  • Previous
    9 - Using the Same Apple ID for Everyone
    Next

    Using the Same Apple ID for Everyone

    This happens more often than you would think, even though Apple urges against using the same Apple ID for multiple people or devices. However, some organizations still do this, making it difficult to identify devices and control app purchases. Administrators need to enforce separate IDs for each user, and should push apps to individual IDs.
  • Previous
    10 - Not Restricting Corporate Data Flow
    Next

    Not Restricting Corporate Data Flow

    Whether administrators like it or not, employees use data-sharing apps like Dropbox in the majority of organizations. Even if the app is managed, employees are still able to transfer internal information. The key here is to integrate fully with a container-based approach where content is directly pushed to a container app on the device that can be controlled by restrictive policies. That way, administrators can remove corporate content on demand from these devices without having to worry about data leaks.
  • Previous
    11 - Not Doing Due Diligence When Considering BYOD
    Next

    Not Doing Due Diligence When Considering BYOD

    Many organizations don't take the critical step of figuring out why they need BYOD before they implement it, and they don't consider how employing a management solution will affect the current state of things. Therefore, many groups are surprised when old capabilities are suddenly blocked. Administrators need to be sure that EMM is meeting needs and not impeding them, and evaluate and identify the requirements of workers before moving forward.
 

Ever since the iPhone and Android personal smartphones began being used on a regular basis in business contexts about six or seven years ago, the bring-your-own-device (BYOD) phenomenon has been a big factor in daily business in most countries. People naturally gravitate toward devices they know how to use well in order to get a task completed. A good BYOD strategy allows employees, business partners and others to use personally selected and purchased client devices to execute enterprise applications and access data in a secure manner. However, like anything else disruptive in business, there are many pitfalls if an enterprise—no matter what size—doesn't plan its BYOD strategy accordingly. For example, one of the major issues is that most mobile devices are designed to share data in the cloud and have no general-purpose file system for applications to share, increasing the potential for data to be easily duplicated between applications and moved between apps and the cloud. In this slide show, developed with eWEEK reporting and industry perspective from the IBM MaaS360 Secure Productivity Suite's customer platform services team, we discuss some issues companies often don't think about before deploying BYOD.

 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
Rocket Fuel