Friday, April 12, 2013
Government agencies must plan for BYOD success
The benefits to be gained by leveraging bring-your-own-device (BYOD) policies are, by now, fairly well established. With BYOD, an organization's employees can immediately become more productive, as they can perform work-related tasks outside the office with far greater ease. Time and again, surveys have demonstrated that employees greatly prefer to work on their personal devices, rather than company-issued devices. By implementing BYOD, firms can therefore encourage employee satisfaction, as well as productivity.
A wide range of organizations have acknowledged these advantages and taken steps to leverage BYOD. And while businesses have often been at the forefront of this movement, they are hardly alone. Nonprofits, educational institutions and, increasingly, governmental agencies are also striving to take advantage of BYOD deployments.
To maximize the utility of these solutions while minimizing the risk of suffering a data breach or other security issue, GCN recently highlighted the importance of sufficiently planning out every aspect of a BYOD strategy.
One of the most important considerations for government agencies eager to utilize BYOD deployments is adherence to existing security standards. The news source noted that in September the Office of Management and Budget (OMB) issued a reminder that the Federal Information Security Management Act (FISMA), as well as all federal data protection and retention policies, apply to mobile devices, and consequently must be factored in when agencies devise BYOD plans.
The news source noted that mobile device management (MDM) strategies and tools are often essential for meeting FISMA regulations.
GCN further noted that the CIO Council has put forth requirements and recommended best practices for ensuring that BYOD implementation efforts are as successful as possible.
One key component of these recommendations is ensuring that employees are fully involved and on-board for the initiative. Before any concrete steps are taken, government agencies should survey workers to determine their opinions regarding the benefits and risks of BYOD for their specific job functions. Depending on the results of such fact-finding, some agencies may decide to fully embrace BYOD, whereas others may want to consider a voluntary participation policy.
Additionally, it is critical for government agencies to ensure that all employees receive sufficient education and training in regard to BYOD. If workers do not fully understand the risks involved with these strategies, they are far more likely to inadvertently cause a data breach or other serious security issue. And as many industry experts have noted, the majority of data breaches spring from internal, rather than external, actions, and the bulk of these are inadvertent, not malicious. Educated workers will be far less likely to accidentally expose sensitive governmental information.
It is also essential for government agencies pursuing BYOD to utilize sufficient tools. Specifically, departments should invest in secure file sharing solutions specifically designed for BYOD environments. With these resources in place, employees can easily and securely send and receive emails via their mobile devices, thereby allowing them to make the most of the strategy.