Bring Your Own Device (BYOD)

Introduction

Bring Your Own Device is an arrangement whereby the employees are permitted to bring their own personally owned devices such as laptops, tablets, or mobile phones to work and to use them to access the enterprise’s resources.

This form of use of personal devices for work became especially widely spread with the onset of the COVID-19 pandemic where many companies enabled remote and flexible working arrangements to get the work done.

And although the overall concept of remote work with the use of devices not belonging to organisations presents an attractive solution, it also comes with its own security risks and challenges.

BYOD security challenges 

The main security challenges for organisations employing a BYOD model include:

• Ensuring personally owned devices and their owners comply with company policies and procedures
• Increased support for a wide range of device types and operating systems
• Protecting corporate infrastructure
• Protecting the personal privacy of the end-user/device owner
• Ensuring legal compliance and meeting contractual obligations

Planning for BYOD

Before implementing BYOD, an organisation should determine what approach will be best suited. In order to do so, an organisation should work through the following five actions to choose and implement the best BYOD solution:

1. Determine the organisation’s objectives, user needs, and risks
2. Develop the BYOD policy
3. Understand additional costs and implications
4. Decide on a deployment approach
5. Put technical controls in place depending on the deployment approach

Read next week’s blog entry to find out the first steps an organisation has to make in the process of determining its objectives, user needs, and risks when considering the implementation of the BYOD solution.

About this article

This post is based on an article from the NCSC UK. To read the full version of this article click here.

Related posts

Add a comment