Mobile devices and applications have become an essential component of the modern workplace. On a daily basis, mobile devices are being integrated into the work environment. Across government, agencies are now exploring ways to implement bring-your-own-device policies, with the hopes that by allowing people to work on the platform they choose, agencies will be able to cut costs, increase morale and allow employees to be more efficient using the tools they are most comfortable with.
With BYOD, there are numerous challenges for agencies such as protecting information, increased risk of leaks of confidential information, and growing concerns of cyber attacks to mobile devices. As organizations start to consider BYOD, the security and compliance challenges are at the forefront.
I recently read a report by Cisco, The Cisco BYOD Smart Solution. The report had some interesting observations about BYOD, and why it has become one of the hottest trends in government. The report states,
Today, organizations have all kinds of devices on their networks. To manage the proliferation of personal devices, Bring Your Own Device (BYOD) policies have moved to the forefront for IT professionals. Users want seamless access to corporate resources no matter which device they use or where that device is connecting from. In addition, numerous types of devices don’t have users connected to them.
Cisco also has a lot of great resources and case studies on their BYOD Smart Solution page. The resources provide some best practices and ideas as to how to best get started with BYOD. As smartphones continue to become more common place, the use of a work phone and personal phone has become blurred. The desire for a seamless work experience has led many to using phones for both personal and work. With this phenonmena happening, agencies need to adopt and develop practices on how to handle multiple devices, and the desire for increasing use of BYOD. The report continues:
As the lines between personal and professional lives continue to blur, security is no longer a question just of how to keep people out; it is also a question of how to let them in. Moreover, new business requirements, such as the need to use collaborative applications, are driving the demand for greater flexibility and more choice, even as users demand the same levels of network performance and security. IT professionals must balance security and enablement so that users can collaborate with confidence.
The report continues to provide a great overview of some of the challenges for BYOD. Cisco identifies three core components of highly secure BYOD solution as policy governed unified access infrastructure, efficient and seamless security, and simplified management. The report also covers policy and enforcement, remote access, threat protection, and data protection. With BYOD, there are a lot of bases to cover to know that you are secure, and protecting critical information.
Does your organization have a BYOD policy? How have you handled security?
For more than 25 years, governments around the world have partnered with Cisco to address challenges and achieve strategic objectives. By working closely with government leaders like you, we glean insights that cultivate thought leadership and help us design, execute, and test solutions based on best practices and our partner ecosystem. These ongoing relationships have forged thousands of proven implementations across a variety of public sector organizations, providing continuous innovation in how communities are managed and renewed.. Check out the Technology Sub-Community of which they are a council member. |
How do you retain security with BYOD? Simple.
It’s not allowed, period. And I wouldn’t bring anything I own and hook it up to any government network.
Hmmm…no responses on BYOD from Gov Loopers….
I did find one that echos “real world” problems with this idea from feds.
http://www.nextgov.com/cio-briefing/2012/06/agency-owned-pcs-could-soon-be-relics-bygone-era/56408/?oref=ng-relatedstories#disqus_thread
Thanks Julie – good article. As you can see, the issues are complex and across both sides of the fence. Here, the VA wants to save budget, and everyone is looking for ways to do that. And for the BYOD person, convenience of use/phone app beneifts clash with the lack of training/understanding of the cyber security issues involved.I just attended a gov cyber security conference here in MI and was surprised at the number of attendees who did not realize their smartphones could have viruses. (Most there to hear latest on online hacker threats/solutions). The consensus was that training/motivation (using the carrot/stick principle) would need to be employed and enhanced as the use in workplace becomes even more prominent. We are working with experential gamification models to reinforce positive behavioral patterns reflecting the importance of device control whether laptops or smartphones.