7 steps to a BYOD security plan
Your company’s security and BYOD can co-exist. And it starts with planning. Here’s how:
1. Identify the risk elements that BYOD introduces
- Measure how the risk can impact your business
- Map the risk elements to regulations, where applicable
2. Form a committee to embrace BYOD and understand the risks, including:
- Business stakeholders
- IT stakeholders
- Information security stakeholders
3. Decide how to enforce policies for devices connecting to your network
- Mobile devices (smartphones)
- Tablets (e.g., iPad)
- Portable computers (laptops, netbooks, ultrabooks)
4. Build a project plan to include these capabilities:
- Remote device management
- Application control
- Policy compliance and audit reports
- Data and device encryption
- Augmenting cloud storage security
- Wiping devices when retired
- Revoking access to devices when the end-user relationship changes from employee to guest
- Revoking access to devices when employees are terminated by the company
5. Evaluate solutions
- Consider the impact on your existing network
- Consider how to enhance existing technologies prior to the next step
6. Implement solutions
- Begin with a pilot group from each of the stakeholders' departments
- Expand pilot to departments based on your organizational criteria
- Open BYOD program to all employees
7. Periodically reassess solutions
- Include vendors and trusted advisors
- Look at roadmaps entering your next assessment period
- Consider cost-saving group plans if practical
Implemented properly, a BYOD program can reduce cost while increasing productivity and revenue. As BYOD goes mainstream in IT departments, security should be front and center for users and IT administrators alike.
Sophos solutions
We also offer a free Android malware scanner. It scans all your Android apps for malware and protects against loss and theft with a remote lock feature. Start protecting your Android device today.