BYOD (Bring Your Own Device) is the increasingly popular and common practice of employees bringing their personal devices to use at work. Many people who own laptops and smart phones are more proficient at using their own devices than their work-issued hardware. People tend to self-identify with the technology they use. The devices they use become a method of self-expression.
Beyond mainframes and servers, IT hardware is increasingly becoming a more consumer-focused industry. Many companies are becoming less concerned with -whether their employees are using company-issued black ThinkPads so long as they are doing good work and producing desired results.
While once employees were strictly forbidden from accessing work documents and databases from personal devices, the practice is now more widely accepted and in many cases even encouraged. This is partly because technology makes it possible for employees to work remotely, outside of and sometimes beyond the traditional 9 to 5 working hours. Much of mainframe computing has moved to the web, which is not limited to the workplace. Employees are now able to access databases and systems through online portals and secure VPNs.
Management as such now requires IT departments to support an increasing number of device types. This proliferation of personal devices in the workplace has introduced a number of new challenges. However, there are also opportunities for cost savings and other benefits to be had from allowing employees to use their own devices at work.
Inevitably, BYOD will become more common and then mainstream. Organizations that fear change will fight against it as long as possible, but it will eventually occur. Forward-looking organizations are already embracing the shift. Companies will need to implement technology and policies so that critical data remains secure even when accessed through employees’ hardware.
Technology issues of BYOD
Workers are learning to expect to achieve things via mobile devices. With iPhones and androids, they can manage so many of the productivity needs of their personal lives. It is foolish to think that someone cannot be equally as productive with their mobile device while on the job. To cope with the large variety of devices that employees could be using, it is critical that most security measures run on the mainframe itself rather than on each individual device.
Also, sandboxing techniques can be implemented to prevent other installed software from gaining access to data, secured network resources, and other confidential areas of the mainframe. Data on the remote devices should be encrypted when it is stored remotely, when it is in transit between the device and the mainframe, and when it is being processed on either end.
One of the most obvious technology measures that must be in place for any BYOD program is the requirement of password locks and the ability to wipe company data remotely. Many personal cell phones and mobile devices are left unlocked, or are protected only by a four digit pin. Neither of those are sufficient protection for access to information on the mainframe. The BYOD device should have the equivalent security of a work-issued device. Also, just like with a work device, management should have the ability to change passwords, revoke access, and wipe data remotely in the event that the device is lost or stolen.
Policy issues of BYOD
BYOD can make it difficult to balance support requests. Help desk staff cannot be expected to support basic functionality across all devices. Their responsibilities should end with the effort to ensure that users are able to access the mainframe and other shared resources. However, they will often be called upon to troubleshoot device-specific issues, which can be challenging and time-consuming, especially if they don’t have the device on hand.
Organizations that support BYOD must still be careful to be compliant with privacy rules such as HIPPA and the Payment Card Industry Data Security Standard.
Password management programs such as ReACT and cross-platform encryption programs such as MegaCryption make it possible for employees to use many kinds of devices to access and manage the mainframe tasks they are assigned to perform. If your company is beginning to adopt BYOD policies, you will need a powerful cross-platform password management program. Sign up today for a free trial of ReACT.
