Developing Acceptable Use Policies and Mobile Security Policies
The rapid deployment and adoption of mobile devices has led to a very real need for Acceptable Use Policies and Mobile Security Policies. In my first blog post in this series, I will be discussing key points in developing policies around mobile devices and will give specific examples of language that I have seen used in employee communication of these policies.
Consider the enforcement
Any policy written isn’t fully useful if it isn’t enforced and reiterated. All users should know the policies upon hire. Also, keeping the policies relevant by communicating them on a regular basis is important. These policies should be treated the same way that HR policies are developed and referenced.
What to Consider when Building a BYOD Strategy
In my last blog, I touched on the first part of crafting a BYOD program: define your goals, assess your risk tolerance, and identify the key stakeholders in your program’s development.
The next step? Build your strategy. Here are a few things to consider:
Determine who will be allowed to bring their own devices
Many companies choose to slow roll BYOD, enabling only certain groups of employees in the first round and then opening it up to more employees at a later date. This allows them to test the waters before they dive right in.
Preparing your Enterprise for Mobile Device Management and a BYOD Program
I recently spent some time reading the recently released “iPass Global Mobile Workforce Report”, which is a good resource on mobility trends based on a survey.
Two statistics that I found especially interesting were:
- 91% [of respondents] use their smartphones for work, compared to 69% in 2010.
- 58% of mobile employees are provisioned smartphones by their companies; this is down from nearly two-thirds a year ago. 42% of employees have individually liable smartphones.
Smart phones have become a de facto work tool, however fewer of those smartphones are being provided by the corporation. Instead of carrying around multiple phones/tablets, we dual purpose our personal devices for work.
Bye-bye $200K Cell Phone Bill
OMG was my first reaction when I read an article about a man ringing up a $200K cell phone bill. The man is deaf and mute. He uses his cell phone as his primary way of communicating. He didn’t know about roaming charges and got hit for roaming on 2000 text messages and countless video downloads. Here is the article for your reference.
So think about the liabilities companies face today with employees using their corporate or employee-owned mobile devices for both work and personal use. Many companies pay for their employees’ mobile phone usage charges, how do they protect themselves from misuse or abuse and ultimately limit their financial exposure?
The cloud and MDM: Helping businesses help themselves
For businesses, mobility is the gold rush of today, with many looking to get smartphones into the hands of their employees as quickly as possible. By now, we’ve all heard about the inevitable risks of consumerization of IT, and the importance of mobile device management to get the most value out of enterprise mobility.
So now, businesses are preparing for the technology, putting most of their efforts toward weighing their options on smartphones. Sure, mobile device management is a consideration, and many believe that as long as they have any MDM solution in place, they’ve covered all the bases.
Consumerization of IT: Have your cake and eat it too
We can probably all agree by this point that smartphones have been good for business. And not just smartphones – tablets, Facebook, Twitter – all those technologies we like to use during our lunch breaks or when vegging out of the couch have also proven beneficial, in one way or another, in the workplace.
Now more than ever, companies are letting people take their personal devices to work or surf social networks in the office – a trend that’s often referred to as “consumerization of IT.” A more accurate title, though, may be “causing frustration for IT.” While employees and executives may appreciate the consumerization, it can create serious headaches for the IT departments that have to account for them.
The Security Side of Mobile Device Management
Previously, Ben had blogged about Why Mobile Device Management (MDM) is necessary for today’s enterprises. Today, I would like to touch on how to secure mobile devices. The main two components of securing mobile devices are 1) securing the connection between the mobile device and the corporate network, and 2) securing the device itself.
Securing the Connection
There are several ways to secure the connection to the corporate network while providing seamless access from any device, anywhere.
Why Mobile Device Management is necessary for today’s enterprises
Today’s enterprises require a mobile workforce with mobile devices. Having mobile devices that are unmanaged is like having a lot of desktop computers on your network without any anti-virus control—you’re opening yourself up to a lot of risk. The two biggest risks we foresee are stolen data and uncontrolled mobile usage costs.
In recent news, the iPhone 4 has been tracking where people have been and stored that data on the phone. It doesn’t take much for somebody to start rolling out viral apps. And if someone can roll out a viral app that can potentially get sensitive data from the phone, there’s a pretty big risk there. With a situation like this, when these malicious apps are about to cause problems, Mobile Device Management (MDM) can prevent these apps from hitting the device.