Security Think Tank: BYOD – key tenets and best practices

The consumerisation of IT is happening despite policies, rules and regulations, and organisations are learning fast that their employees are rebelling against a "managed" IT landscape and are instead demanding a "market" one, with freedom of expression.

Download this free guide

2018 UK IT Priorities survey results

IT organisations in the UK and across Europe are starting to accelerate the move to the cloud. Read more about the key areas in which senior IT managers are planning to invest in over the next 12 months.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

• • I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

  Please check the box if you want to proceed.

• • I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

  Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

The IT organisation is now charged with delivering this change – efficiently, effectively and as securely as possible. Mobile device management (MDM) is widely deployed on corporate-provided devices, but rarely on employee-owned consumer devices for reasons of cost.

According to The Corporate IT Forum’s Enterprise Everywhere Conference and Consumerisation of IT Summit reports, there are some key tenets and best practices emerging:

• Replicating traditional corporate IT levels of control in a consumerised world misses the point and is probably impractical.
• The quid pro quo for consumers in a new world of freedom is their responsibility to look after the organisation’s data.
• Privacy is a major factor in consumerisation – it means you have to effectively sandbox company data from private data.
• Controls should be applied to the data rather than the device.
• Provide guidance for app developers to control access to information on devices.

• Read more on BYOD and MDM from the Security Think Tank

  • Governance should determine strategy for BYOD
  • Embrace BYOD, but be wary of the risks
  • BYOD security: policy, control, containment, and management
  • MDM is no BYOD silver bullet
  • BYOD means the map is no longer the territory
  • BYOD – a challenge and an opportunity
  • MDM just one way to lower the risk of BYOD
  • Management is key to secure BYOD
  • Cloud, BYOD and security – lock your doors
  Set operational principles on the use of allowed cloud services.
• Keep policies and processes up to date – revising the IS policy every two years is inappropriate.
• Consider data sensitivity – look at apps, build a risk assessment and decide whether it sits within your risk or outside it.
• Employee agreements that address wiping personal and corporate data must be active, not passive, with signatures and human resource records.

Ollie Ross is head of research at The Corporate IT Forum.