IT, not BYOD users, must control mobile device encryption

Originally posted on TechTarget, “IT, not BYOD users, must control mobile device encryption” by Craig Mathias

As freeing as BYOD can be for employees, it can mean more headaches for IT. Organizations need a BYOD policy and EMM strategy to help IT mitigate BYOD security risks. IT administrators are the gatekeepers of mobile security, but BYOD users threaten to usurp that power.

The BYOD movement rose to prominence based on the notion that employees would likely be more productive with devices they actually want to own and use, along with a demonstrable operating expense cost savings and enhanced convenience — because who wants to carry two devices, different or otherwise?

Want to Know More?

But the movement comes with its own set of issues. IT must counter BYOD security risks with measures such as encryption of sensitive information, authentication to make sure only authorized individuals can access that information and management of these functions. Thankfully, these security measures aren’t that hard to implement today, with the availability of cost-effective enterprise mobility management (EMM) tools. EMM includes the configuration-centric mobile device management, mobile content management (MCM) and mobile application management (MAM).

From a security perspective, MCM gets right to the heart of the matter. The most common and effective technique is the implementation of secure containers that enable encryption and control of sensitive information. MAM prevents unauthorized applications from accessing or distributing this data.

There is no such thing as absolute security, but the combination of MCM and MAM can be very effective, removing end users from the policy decision making and implementation that’s best left to IT.

But making EMM-based mobile security work effectively and efficiently has its challenges. Here are some best practices IT should add to its mobile security checklist when supporting BYOD users.

Have a cross-platform EMM strategy

There’s no need to support every, or even a majority, of the possible mobile device and OS pairs employees might use in the workplace. But whatever IT’s chosen EMM tool is, it must fully support any and all supported platforms. Admins should avoid multiple EMM products and never make end users responsible for encryption, because employees do not own or control organizational data. IT must carefully test each OS release for compliance with local policies.

Make sure required policies, agreements and regular reinforcement are in place

Every organization should have a security policy defining what information is sensitive, who can access data and under what circumstances, and what to do in the event of a breach. A BYOD policy detailing supported platforms, cost reimbursement mechanisms and end-user responsibilities should be a requirement, along with an agreement to that effect. An acceptable use policy is also highly desirable, but admins should check with legal counsel for the specifics. Loose lips do indeed sink ships — security holes can lead to data leaks or breaches — so IT should give employees polite but firm reminders on the importance of security on a regular basis.

Stay up to date on new products, services and threats

No one should assume EMM is a mature market; there’s still a great deal of evolution in products, technologies and services, including wholesale obsolescence and forced upgrades from time to time. IT should plan to check in with EMM vendors regularly. Smaller firms may be able to rely on vendors to identify new threats and other security issues, but larger firms should have ongoing access to specialized knowledge to avoid embarrassing — not to mention harmful — security failures. Having the best EMM tools at their fingertips will help admins fully support BYOD.

Tips for new work from home employees

So you've been set up to work from home (WFH) for the forseeable future. Here are a few tips we have as WFH experts with decades of experience. Talking to yourself is totally acceptable - it’s called “staff meeting” Yes, you can wear your jammies to...

Mobility program Do’s and Don’ts for COVID-19 response

VINCENT FRISINA Many of our customers are in the midst of transitioning their in-office employees to work remotely due to the COVID-19 pandemic. Here are some of the Do's and Don'ts of deploying a work-from-home workforce as part of your disaster...

Why Telecom Expense Management Matters

VINCENT FRISINA ← Back to blog home The types of costs and expenses we incur directly relate to the products and services our businesses provide. Telecom expense management encompasses the tools and methods used to minimize costs and allocate...

Managing wireless data pools is like playing the Price is Right

Telecom expense management encompasses a huge array of communications tools. One of those tools is wireless data connectivity. Mobile data continues to be a critical aspect in how employees get their jobs done. Determining how much data to buy each month can be a time-consuming and laborious process based on a previous month of billing and usage data. How do you hit a moving target each month to ensure you’re buying just the data you need without going over?

Why Wireless Expense Management Outsourcing May Work For You

We’ll look at a few terms and concepts surrounding Visage-based service providers to help put your mind at ease with the idea of outsourcing a small part of your wireless expense management workload, or an entire branch.

How to cancel your CEO’s unused device without getting fired

We’ll give you a couple of strategies to minimize costs before actually going in for the disconnection kill. In fact, these strategies are so successful you may even want to deploy them to others in the company.

Increase Savings Realization by Sending Email

Visage Mobile has a lot of data about what works, and what doesn’t, when managing wireless programs. One thing that data shows us, over and over again, is the powerful impact email communication has on end-user behavior as it pertains to wireless spending and usage.

T-Mobile DIGITS Reinvents the Way You Buy Wireless Service….Again

T-Mobile recently opened their DIGITS service to a public beta test. The service allows mobile numbers to be used on multiple devices at the same time, or for a single device to have multiple mobile numbers.

Are your users giving away corporate data?

In her article “Report: Holiday Upgrades Ripe for BYOD Privacy Risks,” Diana Goovaerts at runs down a research study by Blanco Technology Group (BTG).