Left To Their Own Devices

If your staff use their own technology devices to access key business systems, you could be creating a security risk. We talk to Mike Dew of Complete IT about the challenge of keeping staff happy and sensitive data under wraps.

We live in a mobile age, in which our prized devices – and the way we use them – have become intensely personal to us. We use them to talk, share, find our way, our food and drink, our entertainment and information, to bank our money and buy goods and services. They keep us connected. Within that ever-expanding network, we also learn to guard our personal data. But what happens when that connection involves someone else’s sensitive data – data upon which livelihoods depend?

“With the explosive growth in the use of tablets, smart-phones and other personal devices, it’s increasingly difficult for managers to control how users access their network,” says Mike Dew Technical Account Manager at Complete IT, one of the UK’s leading IT support companies with offices in Peterborough. “Users of all ages are now au-fait with these devices and are expecting similar functionality from their work machines.” Not surprisingly, many businesspeople also wish – and, indeed, expect – to use their own devices to access business systems. But if your users are seeking to access your business network this way, what should you look out for?

“Allegedly, an issue can’t be ignored once it has its own acronym, and this already has two – BYOC and BYOD (‘bring your own computer/device’). Either way, this creates problems for IT and business managers. For the IT professional, these new devices demand a thorough review of access security and data protection guidelines; for the business manager, studies show that staff and interviewees are increasingly being influenced by the choice of devices offered to them.

Recent surveys reveal this to be a deep-rooted problem. “88% of managers said employees were already using their own devices for business purposes, and 57% of companies accepted that some employees are already using these devices without consent.” This, however is something of a double- edged sword. While 64% of IT managers believed it “too risky” to add personal devices to a business network, and 48% of companies “will never allow” employees to use their own devices, 50% of IT Managers questioned also believed that use of personal devices could improve productivity.

So how do you strike the best balance? And should you be concerned about unauthorised device usage? “As a business owner or manager, you cannot ignore this issue,” urges Mike, “especially with the growing popularity of remote and mobile working. Companies should decide how to respond when employees ask to use their own device – or run the risk of unauthorised devices being used. A proactive approach allows you to manage the process before it begins to manage you.”
Complete IT is one of the UK’s leading IT support companies with over 300 SME clients across its nine offices in the UK. The Peterborough office has been looking after local businesses since 2006 and now has nearly 50 clients from a range of sectors.

WHAT YOU CAN DO

To help you plan ahead and avoid the potential pitfalls – and also to make a positive statement about you and your business – Mike Dew has drawn up the following action plan:

1. SECURITY – Consider how wider device usage will affect your current set-up and what controlled changes are needed to maintain your desired levels of security.

2. POLICY – Produce a set of clear and unambiguous guidelines so everybody knows what they can and cannot do. These will also set expectations and help to pre-empt future issues.

3. SUPPORT – Explore whether non-standard devices can be covered under your standard support contract or if a separate agreement is needed.

4. CULTURE – An open approach to device usage may help to attract new employees but what about your existing team? Will this encourage an “us and them” culture?

5. PAYMENT – Define who will pay:
a. DEVICE – partial or total payment allows you to maintain some degree of control
b. SOFTWARE – should you provide the means for employees to access a virtual desktop on their own device(s)?
c. SUPPORT – if a different support package is needed, who will cover the costs?

For further information, visit: https:// www.complete-it.co.uk/