Recent years has seen a surge in bring-your-own-device (BYOD) implementations thanks to a number of interconnected factors that demonstrate the benefits of such policies. The world itself is increasingly digital, and cloud technologies have made it possible to recruit and collaborate with talent around the globe.
COVID-19 has accelerated these trends, further driving the increase in remote work. Businesses initially resistant to flexible working conditions have been forced to adapt, and today there are more people working from home than ever. Allowing employees to use their personal devices—such as laptops, tablets, and smartphones—to access company systems and accounts has become essential.
In addition to the productivity benefits that come from allowing employees to use the devices they’re most comfortable with, BYOD has made the transition to remote work significantly easier for many organizations. Unfortunately, it also can introduce a variety of potential security risks. For example, the theft of an employee’s personal device can be disastrous if the device can give a bad actor access to sensitive corporate data. Also, employees might be less likely to regularly update their personal devices, meaning hackers have a better chance of exploiting the vulnerabilities of unpatched software.
Managed services providers (MSPs) looking to support their customers as they navigate the tricky terrain of BYOD need to be equipped to help implement and maintain secure policies. To avoid the above scenarios, MSPs have to help their customers set clear guidelines—which often requires a combination of careful planning and intelligent investments into software solutions to maintain security and mitigate risk.
Also, please note that we strongly recommend working with legal counsel before implementing any BYOD policies. Data sharing and ownership on personal devices can be thorny. The last thing you want is to find yourself on the wrong side of a lawsuit after wiping a device to protect corporate property and accidentally deleting an employee’s family videos and personal data. This is out of scope for this article, but please speak with legal counsel.
What you need for successful BYOD implementation
When a business begins to participate in the BYOD trend, they must acknowledge it can bring new risks into the organization. There are a few things MSPs should do to help these businesses increase security and approach implementation properly.
1. Create a clear and strong BYOD policy
When a customer first decides they want to implement a BYOD policy, they may or may not be fully aware of the many security (and privacy) pitfalls they might encounter as part of their efforts. That’s where an MSP comes in. You need to help your customers create strong policies that lay out how the personal devices of employees will be supported and regulated within the company. As mentioned in the introduction, please work with legal counsel to create and review these policies.
These policies can take many forms, but a few things they should be sure to include are:
- Approved devices: It’s important for employees to be aware that just because a BYOD policy is implemented doesn’t mean the employer forfeits their right to approve or ban a device. Given that not all operating systems are created equal in terms of security, MSPs need to work with their customers to decide which device types they will officially allow.
- Usage rules: Employee-owned devices will almost certainly store personal information alongside business information. While this can’t be avoided, MSPs can work with customers to find the best way to keep this data separated. For example, many businesses choose to use containers to keep business and personal data separate. This reduces the likelihood of business information being improperly shared. Corporate data is usually isolated from personal data through advanced encryption and authentication methods.
- Permitted applications: Choosing which applications are allowed can be challenging when employees are using their own devices—but it is essential that your customers understand the security and legal risks associated with downloading unauthorized applications. MSPs should work with customers to create a list of permitted applications for personal devices. The best way to prevent breaches through unauthorized application downloads is by using a software solution that will let you create allow lists and block lists for applications, which helps ensure no potentially risky applications are downloaded.
2. Implement security solutions to make external devices safe for company networks
Some of the key potential issues with allowing employees to use personal devices are related to security. To overcome these issues, MSPs need to help their customers ensure all employee-owned devices have sufficient safeguards in place. One of the best ways to do that is by investing in a software solution that includes malware protection, robust password management, and the ability to erase all business data remotely in the event a device is stolen or lost. For extra security, MSPs should also try to include employee-owned devices in the larger organization’s patch management schedule whenever possible. This will help ensure applications and operating systems are up-to-date, minimizing vulnerabilities associated with outdated programs.
3. Discover new devices on the network
Once a business implements a BYOD policy, there’s a good likelihood new devices will be added to the network frequently, all of which need to be monitored to help maintain security. But before those devices can be monitored, they first need to be discovered. Since it’s nearly impossible to manually track each device being added to your customer’s network, MSPs should consider investing in a software solution that includes network discovery capabilities. With the ability to automatically discover devices that get added to your managed networks, you can more easily maintain security and help ensure nothing slips through the cracks.
4. Make sure you’re able to monitor multiple different types of devices
Embracing the use of personal devices means embracing the fact that a variety of different devices will likely start being used for work. For example, even if a company exclusively uses Apple products, their employees may start using their personal Android devices for work. Successful BYOD implementation means being able to monitor all different types of devices your customers’ employees may be using.
Instead of needing to navigate between multiple disparate tools that each monitor a single type of device, MSPs should invest in a solution that can monitor multiple types of devices (including mobile devices) from a single console. By investing in software with comprehensive device compatibility, you can easily keep track of the devices on your managed networks and maintain security, regardless of the device type.
Staying secure with BYOD software solutions
MSPs looking to help their customers with BYOD implementations need a solution that can strike a balance between giving employees the flexibility of using their preferred devices—which has been shown to improve productivity—while increasing the security of the customer’s corporate network and data.
N-able™ RMM was designed specifically for MSPs as comprehensive software that helps with everything from patch management to streamlined mobile device management (MDM) activities. This software is scalable, easy to manage and configure, and highly intuitive. It features a range of automated capabilities that can significantly reduce the time commitment involved with managing BYOD policies, freeing your technicians up for more value-adding tasks.
As part of its features, RMM can also offer some of the capabilities of MDM software for MSPs looking to go even further when it comes to reducing risks for their customers. RMM allows you to configure detailed security settings on corporate-owned devices, in addition to using built-in GPS on mobile devices to locate stolen or lost tablets and smartphones. This software also keeps track of the ownership details for all devices on the network, giving you insight into device registration and the associated handset details. This establishes accountability by enabling you to track any noncompliance issues for a device back to the owner, which can otherwise be challenging (especially in large organizations with lots of employees).
In addition, RMM affords you control over the mobile devices in your monitored networks, giving you the ability to lock phones, wipe devices, or set and reset passwords—all without leaving your RMM console. You can even remotely configure email and Wi-Fi access on your mobile devices. This versatile tool supports all major device types, including Google, Android, Microsoft, Windows, and Apple iOS devices—meaning you can use it to support organizations whose BYOD policies include more than one device type.
Finally, RMM offers a huge advantage in that it goes beyond BYOD to include a range of other robust remote monitoring and management features. These integrated features allow you to efficiently oversee customer networks and environments from within a single, web-based console. Other features include endpoint detection and response, network path analysis, backup and recovery, web protection and content filtering, risk intelligence, and much more. This makes N-able RMM the ideal choice for MSPs looking for a complete RMM solution to meet their needs. Access a 30-day free trial of RMM here.