Bring-your-own-device doesn't have to be a disaster for your organization. Plan ahead and create a good policy with these tips.
Bring Your Own Device will happen. Your company will find
the benefits outweigh the possible headaches brought about by this change in
the way we approach business technology. For many IT administrators, BYOD is a
nightmare in the waiting. The security, the policies, the data loss and network
bottlenecks – it all spells disaster.
It doesn't have to. With a little advance work, you can prepare your company for a successful BYOD adoption. Let's take a look at just how you can manage this.
1. Solidify password policy
You're going to have a lot of users using devices on your network that will also be taken nearly everywhere. You do not want weak passwords, such that they can be easily 'hacked' and give access to your company data to the wrong people. For this, you need to instate a strong password policy across the board. Also, make sure you require regular password changes. Your end users will balk at this; but, in the end, it will be worth the security gained. Those complaining end users will need to know why this new policy has been put in place.
2. Require device registration
Each and every device brought into the company will need to be registered. What you should get from that registration is: Device type, carrier (if applicable), MAC address, and user. With this information you are better armed to track down users who are abusing the new BYOD policy. With the MAC addresses of devices, you will be able to block offending users from using your network.
3. Limit supported platforms
When you open the floodgates to BYOD, you can easily wind up having to support Windows, Linux, OS X, iOS, Android, Blackberry, ChromeOS, and who knows what else. This can place a burden on your staff that is unnecessary. Instead of risking this, decide which platforms you plan on supporting and make this list known to the end users of the company. If users bring in unsupported platforms, do not allow them on the company network.
4. Educate your employees
Employees need to understand the risks involved with BYOD. They need to know how important it is to keep anti-virus and anti-malware up to date. They also need to know how best to keep data secure on their devices and that they should never use those devices on unsecured networks. Their education could easily become a class in Mobile Security 101. But better take the time in the front end, than wind up dealing with the ramifications of having an end user unwittingly open your network up to exploit.
5. Expand your infrastructure
Your end users are going to be taking up more bandwidth. This means more powerful wireless is going to be necessary. Instead of dealing with a bottleneck on the network, make sure you're using equipment that can handle the load. Do not rely on consumer grade wireless routers. You will also need to make sure you have a large enough incoming pipe to allow for the extra traffic coming in from end users working from various locations.
6. Tighten up network security
Your network will need to be locked down. Period. This means you cannot safely rely on built-in firewalls across the board. Purchase a hardware-based firewall (such as a Cisco, Sonicwall, or Fortinet) and make sure you get it up to speed quickly. You will also want to make sure all domain admin passwords are solid and that all security patches are applied to servers.
7. Create a company cloud
Instead of having remote users (using their BYOD devices) accessing your company infrastructure, you could create an isolated cloud (or even use Google Docs) in order for those users to easily (and safely) access the files they need to work on outside of the LAN. If you don't need a full-blown solution like Google Docs, purchase a business-class Dropbox or SpiderOak subscription and allow those users access to that.
8. Audit your network
You need to know what's on your network – down to every piece of hardware. Before you unleash the BYOD hounds, do a full audit on your network so you are completely aware of every device on site. This way, when new devices start popping up (and causing problems), you'll be able to better pinpoint the issue.
9. Redefine your support policy.
BYOD could cause you to spend more time supporting end-user devices than you have to spare. You need to rewrite your support policies to include end-user devices. The policy needs to specify: Which platforms you support and to what extent you support said platforms. It should state that you are not financially responsible for end-user devices, that you will only allow/support devices that follow company guidelines, and that you do not support/troubleshoot carrier-related issues... anything that protects you and your company from being abused by BYOD.
10. Define accepted applications
There are going to be a lot of applications used on your network – from social networking tools, to games, to chatting... you name it. You must define the type and titles of applications that you will support and/or allow on your company network. You cannot allow yourself to get into a position where you're having to troubleshoot why an end user's tablet isn't streaming music from Spotify.
BYOD is inevitable. Many administrators are dreading the flood of devices that will inevitably cause more work and more headaches. But if your company takes the time to prepare for BYOD, these headaches can be dramatically lessened (if not avoided all together).
Give some thought to what I have outlined and compare it to what your company already has planned for BYOD. Hopefully, with these ten ideas, your company can implement BYOD successfully and painlessly.