Why a BYOD Policy Requires Secure File Sharing
15 May 2017
Many organizations have adopted a BYOD (Bring Your Own Device) approach for their employees. BYOD might be a formal practice, meaning the company officially sanctions workers’ use of their personally owned computers, smartphones and tablets for work purposes and backs the practice with an enforceable policy. Or, BYOD could be an informal practice, meaning the company neither sanctions nor encourages the use of personal devices for work purposes, but it doesn’t really prevent their use, either.
Organizations that allow the practice of BYOD report a variety of benefits, from higher worker productivity to increased employee satisfaction. Many workers want the convenience of carrying just one device and being able to use it for both work and personal purposes, whenever and wherever they have the need. Certainly, productivity can be increased when employees can readily communicate and share information in real time, especially outside of traditional work locations and hours.
Benefits of BYOD
More importantly, Cisco cites that the transformative benefit of BYOD is employee-driven innovation. According to the Cisco Systems survey report BYOD: A Global Perspective – Harnessing Employee-Led Innovation, “By allowing employees to decide how, when, and with which tools work is done, companies can unlock the next wave of value.” The report goes on to say that employee-led innovation extends far beyond when and where to work. “Through BYOD, employees can continually innovate in a multitude of ways, such as using cloud-based services to analyze and visualize data on a mobile device, discovering the perfect tool for managing complex workflows, or recording video meetings to improve execution when decisions are made. The potential for consistent bottom-up innovation is tremendous, and the tools are readily at hand: increasingly inexpensive, powerful devices; thousands of mobile applications with enterprise-level power and sophistication that cost only a few dollars; and application-development tools that non-experts can use to quickly design their own custom applications.”
That’s not to say that BYOD is a free-for-all, with workers doing whatever they want. For the sake of data security and privacy, and to maintain compliance with various regulations, organizations increasingly are adopting formal BYOD policies that detail how devices should and should not be used. This often includes what specific applications – or at least types of applications – people can use to access corporate information.
Secure File Sharing with a BYOD Policy
A secure file sharing application should be on the list of sanctioned applications that employees must use when sharing corporate files with each other. Otherwise, they will use whatever application is easiest and most convenient to send and receive files, and that’s most likely to be either email or a free consumer-grade file-sharing app. Both are inherently unsecured methods for sharing company information and files.
Many people have a consumer-grade file-sharing tool on their own device for the convenience of completing personal tasks, like sending photos to Grandma, or submitting a school permission slip to a teacher. This creates a data leakage vulnerability where employees might be able to copy corporate data to a location not managed by the company. Using secure app containers as part of a BYOD strategy can create a walled garden on the personal device and mitigate this risk.
Public Wi-Fi Security
Another concern is that people on portable and mobile devices often use open, public Wi-Fi systems, which should not be trusted for business use of any sort. It’s simply too easy for data to be intercepted over public Wi-Fi. Workers might forget – or not know – to turn off file sharing on their devices before joining a public Wi-Fi system. What’s more, some device settings allow for automatic connection to public Wi-Fi systems without the user’s knowledge or permission. When this happens, the device is quite vulnerable to attack.
A secure file sharing app can compensate for weaknesses in mobile systems by protecting files with features such as encryption, two-factor authentication and secure tunneling over the communication link. Even if files are stored locally on a personally owned device, restricted access to files can prevent unauthorized people from getting to corporate data. Employees can safely collaborate and share the necessary work files without the concern of exposing information in a breach.
BYOD is a global phenomenon that doesn’t have to be at odds with corporate data security and privacy requirements. Organizations that put the right policies and tools in place can enable worker productivity and innovation while still protecting company files and data.
For more than 20 years, we have helped clients implement secure file sharing and manage confidential documents in the world’s most highly regulated industries. Learn more about Intralinks VIA and request a free trial or demo.
Todd Partridge is Vice President, Product Marketing at Intralinks. He has broad industry experience in the enterprise information management (EIM) space, with deep expertise in all trends and technologies related to information governance, enterprise content management, document management, web content management, business intelligence, team collaboration, e-mail management, and enterprise records management practices. In his previous role at OpenText, Todd held several global positions ranging from sales, marketing, product management, positioning and strategy.