Managing electronic assets at your business is difficult enough without having to worry about your staff’s personal devices. But this has become a common problem with the advent of Bring Your Own Device (BYOD) expectations at many companies. Sometimes the expectation is pushed by employees, but sometimes it’s driven by employers themselves.
There are many reasonable arguments in favor of BYOD policies, including straightforward cost-savings, as well as increased flexibility in how, where, and when employees work. But then there are just as many security and management-related arguments against such policies. Cost of lost hardware, liability of lost data, or compromised devices allowing hackers access to your business network.
A recent survey of CIOs by the Gartner Group found that by 2020, 45% expected to go fully BYOD, with only 15% expecting to have no BYOD usage whatsoever.
Corporate asset management policies are at a challenging intersection of information technology (IT) and physical security demands. Managing the comings and goings of devices from your facility is an integral security process for any company working with sensitive data or resources.
If your business is thinking of defining—or redefining—a BYOD policy you must ensure that it will add value to your operations, safely, and securely.
Challenges of the BYOD Trend
It is important to understand the factors behind the emergence of BYOD as a serious business trend. This can inform our decision-making regarding it at businesses concerned about security and mobile device management.
Tech Industry Trends
Over the last two decades, the computer and mobile tech industries have shifted towards consumer-focused products, producing less and less technology built to be easily managed in a business setting, where concerns like security and ease of repair are most important.
Apple is chief among these trendsetters with its iPhone and iPad lines, which popularized tablets and smartphones as viable consumer products over desktop computers.
But all major developers have followed suit. Apple phones, Windows tablets, Linux laptops. Most businesses would be hard-pressed to find efficient management solutions for the full range of devices that could walk through their front door.
Seeing how useful these mobile technologies are in their personal lives has led many people to push for their adoption in the workplace, often without consideration for a business’s security needs.
From a security perspective, the behavior of staff, contractors, and visitors with BYOD technology is more concerning than the technology itself.
If your company’s asset tracking system is cumbersome to the point where your laptops and phones are difficult to access, staff will be inclined to use their own, readily available electronic devices.
The expectations of management can change too, which might reinforce this behavior among staff. Managers may expect an increased level of availability when staff can submit work and respond to email off-hours from personal devices. This may create situations where company data is accessed so frequently from personal devices that some data may live entirely outside corporate control. This is a massive liability.
As mobile technology becomes ever more present in the consumer sphere, and evermore useful in the enterprise sphere, it will be imperative to find effective management solutions for every business type, especially those in high security sectors.
Asset Management Planning
As with any security planning, the best way to develop BYOD policies at your business is to start by determining your business’s overall operational and security goals.
- Is your priority maintaining an audit trail for regulatory compliance of certain company devices?
- Are you trying to restrict the flow of personal devices into your facility?
- Are some personal devices permitted and others not?
- Are you trying to restrict devices with embedded cameras from entering parts of your facility?
- Are you allowing access to certain company data on personal devices, but not others?
The ultimate goal of any asset management plan is to get your business users access to the tools, apps, and data they need to do their job on the devices you make available to them.
Possible BYOD Management Solutions
Any solution you deploy must be adaptable to your unique business needs. Its value will come in providing robust and flexible options to accommodate BYOD, your other existing assets, and future technologies.
Electronic asset lockers with RFID technology can meet a variety of these needs. Radio-frequency identification (RFID) is a short-range wireless technology. It allows your staff to swipe ID badges to check your business’s sensitive or restricted devices in or out from asset lockers, while keeping a full, electronic audit trail for regulatory compliance. Being fully automated reduces security staffing, while keeping devices secured.
This kind of control system obviously regulates the provisioning and use of sensitive hardware, but in doing so, it can also regulate usage of any software or apps those devices might hold. In certain industries, licenses for specialized applications can cost tens of thousands of dollars. Electronic asset lockers can help companies avoid installing expensive applications on too many corporate laptops and phones, or even employee-owned ones, by providing an efficient, automated sign-in/sign-out system for sensitive and high-value devices.
Having asset lockers can also permit visitors, students, contractors, and your employees themselves to bring their personal devices to your facility, but store them safely away from your restricted areas.
They have uses in both restricted and open environments. Deploy lockers near your access control checkpoints or public spaces like auditoriums and classrooms. They can even provide the convenience for staff and visitors of integrated device charging.
Whatever system you choose, whether automated RFID asset lockers or an alternative, make sure it’s going to meet your security objectives.
About the Author
Shannon Arnold is the VP of Marketing and Strategic Partnerships at Real Time Networks.