Bring your own device, BYOD, is the evolving trend of employees using their personal devices for work purposes. The device referred to here could be a laptop, smartphone, tablet, portable hard drive or any consumer piece of information technology.
Companies may utilize BYOD or a subset of the trend, such as BYOC, or bring your own computer. Whatever level of consumer technology a company allows within its greater IT infrastructure, the same benefits and risks apply.
When an organization leverages BYOD, it must incorporate employee-owned devices into its wider unified endpoint management (UEM) strategy. The goal of UEM is to provide IT a single approach to managing any endpoint using both traditional and modern styles of management. IT stakeholders need to understand what type of devices are connected to its IT infrastructure so it can provide adequate security measures and reduce the likelihood of financial and legal risk.
BYOD represents an opportunity between employees and employers. Typically, an organization will develop a BYOD policy that addresses security concerns, the types of allowable devices and other important considerations. Employees should read and understand their employer's policy before agreeing to it.
In some cases, the employer may require that employees install specific applications on their device. The employer may install security measures on devices used to access sensitive company data. For example, some organizations require software that wipes corporate data if it detects potential tampering.
Company stakeholders should understand that some employees may not want to participate in a BYOD program, especially if the mobile device management policy requires that certain apps be blacklisted. It is also common for policies to give employers remote access to their employees' devices. Employees may prefer a more distinct break between their office and home lives. In that case, they may prefer to have one device for work and another for personal use.
BYOD empowers employees to work and collaborate the way they prefer, with the freedom to use a device with which they are familiar. Companies that leverage application virtualization benefit from increased security and management options. For example, an employer could host a proprietary application in a cloud, and employees can access it on their personal device. Similarly, desktop virtualization allows users to access an isolated logical operating system instance without actually installing anything on their personal computer.
Companies will likely need to implement a BYOD policy, even if they provide employees with a second device. Inevitably, employees will use their personal devices to access company data, even if it is against policy. It's better to have security options in place to mitigate risks.
Any employee-owned devices that are not sanctioned by the employer are known as shadow IT, and these pose a security threat to the organization. Devices not visible to stakeholders cannot be monitored nor protected from malicious actors. Therefore, a strong BYOD policy will identify which personal devices may be used for work as well as when employees should rely on company-owned assets.
Another risk of BYOD is the fact that employees will bring their devices with them everywhere. While it's unlikely people will carry their work laptop with them on a night out, they will definitely bring their personal smartphone. This increases the risk that a device with company data could be lost or stolen.
All of these concerns can be prevented and planned for, but it requires the employer to take precautionary steps ahead of time. Corporate policy should outline contingency plans for reducing risk and reacting to security breaches as they occur. Making it clear to employees what their responsibilities are will help them understand how to leverage their personal devices for business purposes.
BYOD policy is best implemented when company stakeholders understand the pain point they are addressing. Stakeholders should build policy around the problem, then work with employees to implement the solution in a mutually beneficial manner.
Citrix helps customers embrace BYOD through a simple, secure approach based on leading enterprise mobility management, Windows app and desktop virtualization, file sharing, collaboration and remote support technologies. Citrix products allow employees to access all of their apps and data on any device while giving IT the means to maintain security with uniform policy enforcement, full compliance and efficient control.
Citrix products for BYOD allow organizations to:
Citrix Workspace for digital workspaces
Citrix Virtual Apps and Desktops for app and desktop virtualization
Citrix Endpoint Management for mobile app and device management
Citrix Content Collaboration for data sharing and storage
Citrix ADC for application delivery networking
Citrix SD-WAN for WAN virtualization and optimization