Wednesday, May 28, 2014
Employee training: A key component of a strong BYOD strategy
Employees must be partners in keeping data secure while participating in BYOD initiatives. Here are four tips for your training sessions.
Human error is responsible for a significant portion of data breaches and other network incidents. Most of the time, the root cause is ignorance, rather than malice or carelessness. As bring-your-own-device (BYOD) policies gather steam and more workers use their personal gadgets for company activities, IT departments are struggling to protect their systems and keep all of their organizations' resources running smoothly.
In addition to putting strong programs in place, such as secure file sharing tools, businesses must also educate their workers about the potential dangers of data exposure, network infiltration, and more, as well as the behaviors that put information and devices at risk. Having a solid training plan is a critical component of any BYOD initiative. Here are some tips to get started:
- Lay the foundation: Have clear policies and procedures in place before talking to employees. Your organization needs to decide what business activities workers can perform on their personal devices, if you need to establish restrictions on public Wi-Fi usage, and which strategies and tools will constitute your mobile device management plan. These decisions must all be worked out and understood by key stakeholders before you begin training workers on BYOD policies and best practice.
- Offer background information: BYOD training should include not just what workers can and can't do with their devices, but the contextual information that will help employees understand the importance of these rules and restrictions. Therefore, you should compile some statistics about the consequences of data breaches, the frequency of cyberattacks, and the ways poor choices can severely impact both their personal and professional resources. You should also clarify company policies and protocol, such as what happens if workers lose their devices, before you start giving people access to mobile apps and other tools.
- Conduct in-person training: Walk end users through the steps for adding security to their devices, setting up mobile apps, and utilizing tools such as functions within secure containers, Tech Republic advised. These sessions should cover security basics, such as best practices for creating and managing passwords, as well as device provisioning, IT help desk procedures, and account management. It's important to have a hands-on approach for putting security measures in place, rather than simply going through a presentation and offering a handout.
- Follow-up with documentation and ongoing education: Tech Republic suggested giving employees hard copies of the information you cover in training so they can refer to key points and instructions whenever necessary. Further, the source recommended creating how-to and informative videos to remind workers about BYOD best practices and keep them abreast of new policies or recommendations.