May 05, 2015

Choosing Your Own Device Policy for Security

It's the week of the General Election, with MPs out on the campaign trail trying to muster up those last few votes that could make all the difference. While out knocking on doors and talking to the media the aim is to impress, whilst also avoiding gaffes and foot-in-mouth moments like forgetting which football team you support or pulling a funny face whilst eating a bacon sandwich.

There are however other, maybe less obvious, gaffes to avoid. Whilst away from the office MPs and candidates will want to keep in contact with each other as well as keeping up to speed with the latest news and events. We now have a range of personal devices available to us to keep in contact, including laptops, tablets and smart phones - known as BYOD ("bring your own device). Whilst these have had a positive impact by boosting productivity (working anywhere at any time provides employees with flexibility and control), it also increases the risk of security breaches that could leave a trail of red faces. In effect, there are any number of devices being used by the workforce with access to company networks and proprietary and private information.

That’s where the alternative of a CYOD, or "choose your own device" policy, can make a difference.

CYOD provides employees with a list – and variety – of company-owned devices that they choose to use. While CYOD provides similar benefits to employees, it also provides better safeguards and data security all around.

Here are 10 reasons why every workplace should consider a CYOD policy:
  1. Mobile policies. Your company should have a mobile strategy of some kind in place. According to Acronis 2013 Data Protection Trends Research conducted by Ponemon Institute, approximately 60% of companies still don’t have security policies regarding the use of mobile devices. 
  2. Job satisfaction and flexibility. Employees still have the freedom to choose their own device. CYOD just narrows choices to a pre-approved list of company owned devices.
  3. IT control. CYOD ensures the control of information security is in the hands of your IT department and removes the risk of staff using devices with little information security. 
  4. Private information stays private. All devices are pre-installed with security software and set up with the appropriate administrator, firewall software and network settings. 
  5. Peace of mind. When sensitive files travel outside the office (and they will), the company can rest assured encryption and other protection is being utilised to protect the data.
  6. Culture of security. Effective protection comes hand in hand with an organisational culture of total security; a CYOD policy should be part of a comprehensive information security policy.  
  7. Control of downloads. Employers decide which apps, information and functions are authorised.
  8. Password protection. IT sets up devices with the latest information security tools including password protection, one of the most basic safeguards. In the Acronis 2013 Data Protection Trends Research conducted by Ponemon Institute, only 31% of organisations mandate this fundamental security tool on personal devices.
  9. Lost device? CYOD allows companies to delete sensitive data remotely if a device is lost or compromised. Also, the device is retrieved if an employee leaves the company.
  10. CYOD maintains control when a device is outdated or not working any more – it is important that any sensitive information be securely disposed of. Hard drives must be physically destroyed to ensure data cannot be recovered. Speak to your document shredding company about hard drive destruction.