It seems like Her Majesty's Government is doing whatever it can to help usher in an era of Bring Your Own Device (BYOD). The UK has been undergoing a technical boom, becoming a prime area for tech startups and even established corporate giants looking to expand into Europe. However, despite this British technical invasion, the UK has been desperately lacking when it comes to BYOD adoption.
Only a dismal four percent of UK businesses are fully adopting BYOD policies, much less than other established nations around the world. Apparently, these UK organisations are far more concerned with the risks associated with BYOD security than their North American and Asian counterparts. They have delayed BYOD implementation instead of working towards finding the right solutions to get back on track.
This is where the UK government is stepping in. In October of last year, it updated a collection of guidance notes on BYOD initiatives. The hope is to provide additional support and direction to employers, both in private and public sectors, looking to better manage the onslaught of personal devices in the workplace.
These guidance policies touch on the the following subjects:
The BYOD Guidance: Executive Summary describes eight key security aspects that organisations should consider when looking to maximise the benefits of a BYOD policy while also simultaneously limiting the associated risks.
The BYOD Guidance: Device Security Consideration provides recommendations on authentication and protection for both data in transit and data at rest.
The BYOD Guidance: Enterprise Considerations provides insights on how to protect internal services from attacks brought on by employee-owned devices. It also provides various recommendations on forms of protection like the Walled Garden Architecture approach, which involves a four-step process to help secure an organisation’s network.
The BYOD Guidance: Architectural Approaches discusses common BYOD scenarios, and what types of risks an organisation is likely to face from employee-owned devices containing company data. The document also offers notes tailored to different operating systems and can help organisations decide which architectural approach best fits with their business, cost, and security requirements.
It’s understandable why many organisations are hesitant to adopt a BYOD policy. Security issues notwithstanding, there’s also definitely an additional cost to update networks and IT security to handle the new devices. However, in this age, being behind the times can be incredibly damaging to a companies reputation. It’s better to invest now before you fall too far behind.
We live in an era when people are incredibly tech savvy. New graduates and young professionals are very familiar with digital tools, and want to work in an environment that offers them that freedom. If consumers vote with their dollars, then job prospects vote with their applications and acceptances. Recent reports show that BYOD policies do play a role in influencing a prospect’s decision when he or she is considering where to work. organisations that don’t offer them may miss out on key talent.
Also, whether or not there are BYOD policies in place, people will continue to sneak their devices into work. If this is the case, then it’s becoming more dangerous to not adopt BYOD. If devices aren’t regulated and IT has no idea what machines are on the system, or how their being used, then how can they build security measures to protect the network from outside threats?
Companies looking to break through and modernise their IT policies stand to benefit a lot from the UK government’s guidelines. Sure, they won’t contain every scenario or case study to help an organisation avoid every possible complication, but they’ll teach you the basic industry standards to get you up and running, and avoid a BYOD disaster.