Bring your own device (BYOD) policies are on the rise, and not just at startups: recent surveys have shown that over 70% of organizations either have a BYOD policy in place or are planning to introduce one. The benefits, from lower hardware costs to increased employee satisfaction, are clear. Unfortunately, so are the drawbacks – increased IT support costs and heightened security concerns among them. One surprising answer to these concerns may be cloud computing.
The Challenges of BYOD
BYOD policies buy flexibility on the employees’ end with a decrease in centralization and standardization on the company’s. Employees may choose to do their work from different devices (such as computers, smartphones, and tablets), on different operating systems, and from different locations. This may include accessing company data from unsecured networks and using devices or browsers with security issues or ones that aren’t compatible with file types used. This increases the burden on a company’s IT department, as they may need to become fluent in supporting a number of different platforms.
Cloud Computing’s Answer
While cloud computing may seem like a step away from controlling company data and employee access, it actually allows a company to add a layer of abstraction between employee devices and company resources. This layer can then be optimized for security and access.
Moving documents to the cloud, for example, allows the cloud-based service to enforce its own access protocols, and may also allow for more sophisticated locking, check-in/check-out procedures, and version tracking/control. Cloud services may offer two-factor authentication and other protocols for access management. And if an employee’s device should be stolen, having documents in the cloud – rather than allowing local copies to be kept on the user’s device – mitigates the risk.
Cloud computing can also be made more secure by mandating the use of certain policies and tools:
- DNS firewalls. Part of the appeal of BYOD policies is the ability to work from outside a company office, whether at an out-of-state conference or a local coffee shop. But these unsecured hotspots may be attractive targets for opportunistic hackers. DNS firewalls, so long as they’re kept up-to-date with accurate threat data, can safeguard activity on unsecured networks.
- Standardized software. Even if the devices show startling diversity, the software run on them doesn’t need to. Employees can be required to access company resources using certain applications on their devices, or even to use Software as a Service cloud applications. This narrows the scope of what IT needs to keep an eye on.
- Requiring appropriate devices. A BYOD policy doesn’t have to mean that anything goes. A company can meet employees halfway by allowing them to use one of a variety of devices – so long as those devices meet minimum hardware and OS requirements, or come from a pre-approved list. Options available could be validated by IT departments to ensure that they are free of major security vulnerabilities.
There’s no one-size-fits-all BYOD implementation, and cloud computing isn’t the only tool available. To learn more about the perils and payoffs of BYOD, contact us today.