The rise of bring your own device (BYOD) has seen upsurge in productivity but also an increased exposure to the risks associated with data exposure. Unsecured devices paired with unrestricted access to sensitive corporate data can wreak havoc on a company should a serious breach or misuse of information occur. Though not a BYOD-related incident, the highly publicized holiday shopping season hack of Target has made IT managers all across the country a little more apprehensive about their current security policies.
So how can a business take advantage of all the positives that BYOD offers while appropriately mitigating its risk? Taylor Short, Managing Editor at Software Advice, studied Intel’s BYOD policy and uncovered the secret to the multi-national company’s success with its BYOD rollout. According to Short, trust and communication are key to a successful BYOD policy and have been vital to the progression of Intel’s mobile device strategy.
IT Senior Principal Engineer at Intel, Alan Ross offered some recommendations for company’s wrestling with mistrust due to BYOD. He’s listed three factors that have allowed Intel to successfully roll out a BYOD policy – one that covers an astounding 30,000 employee mobile devices that are logged into their system daily.
Clarify What Can and Can’t Be Seen
According to a MobileIron survey, employees are growing increasingly distrustful of employers as the number of personal devices in the workplace rises. In fact, only 30% of respondents said they “completely trust” their employer to keep their personal information private. Additionally, as seen in the infographic below from MobileIron, 41% of employees have a false sense of security, believing that corporate can’t see any information on their devices, when in reality, it can.
What has Intel done to reduce the trust gap? They’ve opted to communicate clearly what IT can see and what it cannot see on employees’ smartphones and tablets. The company maintains a detailed list of frequently asked questions about BYOD coverage on Intel’s employee portal and trains the IT service desk, available 24/7 via a support line, to answer any questions employees might have about BYOD monitoring.
Create a Clear Separation Between Personal and Company Data
Yet another way that Intel aims to build trust among employees concerning its BYOD policy is by creating a clear division between personal and corporate data. BYOD devices are fitted with two distinct spaces. This allows employees to, as Short puts it, literally see what IT can and cannot access.
Such partitions are beneficial for both the company and the employee: corporate can remotely wipe company data should the device be lost or the employee is terminated, while users can feel comfortable knowing their personal data remains private thanks to a visually evident partition. An example of such a partition is an application icon that users must log into in order to access corporate resources.
Give Employees a Say in the Implementation Process
Also fueling skepticism among employees is the implementation process. Much like iTunes’ longwinded terms of agreements we grudgingly accept, employees are often forced into an all-or-nothing agreement if they want to use their personal device on the corporate network. Intel has tossed that model aside in favor of a “trust tier” approach. Users are able to select a level of security based on the degree of monitoring they’re willing to accept. Divided into five tiers, levels of access range from Public (information that is available on public servers) to Managed Equivalent (full access to corporate data).
These three factors are grounded in trust and communication. By working to build trust and creating an environment that allows for clear communication between users and IT, Intel has seen employees welcome a BYOD strategy, instead of receiving it with skepticism and hostility. “Intel is one company that designed a program that successfully addresses this challenge,” writes Short. “Even with about 30,000 employee mobile devices logged into their system daily, this program keeps Intel’s important data secure, and does so in a way that fosters employee trust and adherence to security policies.”
Has your business run into trust troubles due to a BYOD policy? Let us know your experience with BYOD rollouts and employee mistrust by sending us a tweet @NapkinBetaBeyond or connecting with us on Facebook.