Category: Break-Fix

BYOD: Placing limits

BYOD: Placing Limits

In our recent blog, we talked about the data security concerns that BYOD can bring to your workplace. There is another factor that needs to be considered before adopting BYOD. How much Bring Your Own can your IT department support? Supporting too many different operating systems, hardware models and software versions can be a real drain on the resources of your IT staff. Supporting BYOD can become very expensive.

You will need to consider placing limits on the BYO part of the issue. There are a wide array of possible devices out there. Supporting all of them would be overwhelming. Users don’t just BYOD, they bring their own Operating System and their own software applications and all of those applications’ multiple versions. Trying to support and control an almost limitless list of entry points into your data is both unwise and impossible. IT will need to place limits on which devices and operating systems it will support.

Another point to consider is how much the company will rely on the individual user to install and upgrade company-required applications? Will IT be responsible for those duties? By placing the burden on IT, you ensure all the proper versions are being used, but you increase the labor requirement, which may become impractical.

In summary, there are a lot of issues regarding BYOD that create concerns. BYOD policies have a lot of moving parts which makes supporting them a difficult task. Make sure you are recognizing all the areas that will require IT support.

Contact us for more information on our IT support services.

BYOD can have some downsides

Employers know that employees prefer BYOD policies and that they can increase productivity. However, BYOD can have some downsides. Probably the most prominent concern among those who have to address the BYOD issue is the increased risk to data security. Obviously, the more devices you have with the ability to connect to your data, the more opportunities you create for a breach. Simply put, a house with 20 doors and 50 windows with multiple lock styles is a bit more vulnerable than a house with one door and one window.

BYOD increases risk to the organization. Data breaches bring a few layers of concern. First, the loss of proprietary data can affect your competitive status in the market. However, the real high-visibility concern is the theft of your customer’s personal data. Theft of personal data brings three serious consequences.

First, data breach laws require informing all victims of the data breach and in some cases, the media must also be informed. This public visibility can have long-lasting implications for brand value.

Second, you face a short- and long-term revenue hit. Customers angry and frustrated, as well as others who learn about the breach through social media, word-of-mouth, and traditional media sources, may move their business to the competition.

Third, data breaches can bring civil penalties. In the case of the General Data Protection Regulation (GDPR) in the European Union, these penalties can be extremely severe. ( And keep in mind, the GDPR doesn’t just apply to entities physical operating within the EU. It applies to the data of any user who is a citizen of the EU.)

In summary, given the severity of the consequences and the increased vulnerability created by BYOD, it is important to create a BYOD policy with strict parameters. It cannot be a “wild west” of anything goes.

Click here to learn more about our IT solutions.

Adopting a BYOD policy

Employee convenience is touted as one of the primary drivers for adopting a BYOD policy. However, just because it can make life easier doesn’t mean employees don’t have serious concerns about the implementation of BYOD in the workplace. From the employee perspective, there are downsides.

One particular issue that arises with BYOD are employee’s concerns about the privacy of personal data and applications. Because these are their own devices, they have an enormous amount of personal data, including health information, photos, texts, emails and other information stored on the device. Also, apps they may have installed could potentially reveal information about their religion, politics, sexual orientation or other characteristics that they may consider private and off-limits. Concern that their employer could see their personal data is a legitimate worry; there are Human Resource implications here. Knowledge of certain data about an employee could make an employer vulnerable to discrimination laws. What about GPS tracking? Can the employer track employee whereabouts? The employer has a compelling interest to track the device in case it is lost or stolen, but the employee has similar competing concerns about privacy.

There are no absolutely correct answers here, but a perception of overstepped boundaries could lead to an atmosphere of distrust that can be counter-productive. It is also important that these decisions be made with knowledge of all applicable local, state and federal regulations. In short, just be aware BYOD is a complex matter that can’t be handled within the silo of IT.

Click here to learn more about our cybersecurity and compliance solutions.

Hiring seasonal staff? Here are a few things to consider from the IT

In many industries, there are seasonal spikes in business around specific times. For example, CPAs/Accounting firms, though busy all year, generally see a spike in business around the time of tax planning, IRS return filing, etc., the retail industry sees a boom around the Holiday Season, and so on. During such peak times, it is common practice in the industry to employ part-time staff to meet the immediate resource needs. While this works well in terms of costs and for handling additional work/client inflow, this poses a few challenges from the IT perspective. In this blog, we explore those challenges so you know what to watch out for before bringing part-time staff on board.

Security

When you are hiring someone part-time, security could be a concern. You or your HR person may have done a background check, but their risk score nevertheless remains much higher than permanent employees who are on your payroll. Trusting a temp worker with customer and business data is a risky choice.

Infrastructure

Having seasonal employees is a good solution to temporary spike in workload. But, there is still a need to provide your temps with the resources they need to perform their tasks efficiently. Computers, server space, internet and phone connectivity, all need to be made available to your temp workforce as well.

Lack of training

Your permanent employees will most likely have been trained in IT Security best practices, but what about your temps? When hiring short-term staff, SMBs and even bigger organizations rarely invest any time or resources in general training and induction. Usually brought in during the peak seasons, temps are expected to get going at the earliest. Often IT drills and security trainings have no place in such hurried schedules.

Collaboration needs

Often businesses hire seasonal staff from across the country or even the globe because it may offer cost savings. In such cases when the seasonal staff is working remotely, there is a need to ensure the work environment is seamless. High quality collaboration tools for file sharing and access and communication needs to be in place.

Having part-time or seasonal staff is an excellent solution to time-specific resource needs. However, for it to work as intended–smoothly and in-tandem with the work happening at your office, and without any untoward happenings–such as a security breach, businesses need to consider the aspects discussed above. A MSP will be able to help by managing them for you, in which case hiring temps will be all you need to think of.

Click to learn more about our managed service provider solutions.

The reality of cybercrime requires permanent organizational change

Because cybercrime isn’t going anywhere soon, every business needs to consider changes within its organization to institutionalize its emphasis on data security. This is not a problem that can be handled within a few particular operational or administrative silos.

Here are just a few things to consider:

  1. BYOD policies: A Bring-Your-Own-Device policy, which refers to allowing employees to use their own laptops, tablets and other mobile devices instead of company-issued ones, has become common practice in many organizations. However, permitting BYOD opens up new security issues because your IT department has potentially less control over how company data is accessed. With BYOD, many additional doors are being used to access corporate databases, etc., so it can be harder to keep your data secure. Because of the ubiquity of cybercrime, IT departments need to approach BYOD with a heightened awareness of new security vulnerabilities.
  2. Employee Training – Generally a topic for Human Resources, IT needs to now be involved in designing ongoing employee training to teach employees how to be vigilant about data security, password hygiene, and similar topics. Employee errors, such as opening phishing emails, are one of the largest causes of data breach events in the business world.
  3. Operations and IoT technology – Another area where there should be a re-focusing of attention involves the Internet of Things (IoT). The IoT has, at least in part, been introduced operationally, with Line of Business managers (LOB) discovering new specific applications for IoT devices, adopting them, and then being responsible for their maintenance and security. Such devices are introduced as-needed to address discrete needs throughout the organization. As a result, IoT devices have tended to function in operational silos. The unintended consequence is that the IT department, traditionally responsible for security issues, is left out of the loop. This means that data security is un-coordinated across all of the IT facets of the organization and security vulnerabilities are being overlooked. C-level tech leaders need to recognize this and adapt accordingly.
  4. The corporate mission – In order to give appropriate recognition to the threat that cybercrime represents to the health of a business, companies should consider including security as a core part of their mission. Both B2B and B2C customers take security very seriously, so companies should realize their mission is not to “provide X product or service,” but “securely provide X product or service.” To paraphrase a car maker’s phrase from many years ago. “Security is Job One.”

Click here to learn more about our cybersecurity solutions.

Device configurations need to be backed up as well

Device configurations need to be backed up often to maintain a repository of backups ready to be restored in case of emergencies. In large enterprises with more number of devices, this task of getting the device configuration backup up becomes a huge mundane task taking up most of the time of an admin. Being able to automate configuration backups will free up a network admin’s time to do productivity enhancing tasks.

Any change made to the device configuration in a network carries the possibility of an error. An erroneous configuration change can cause network issues ranging from performance degradation to network outage. This is particularly true for those network devices that are crucial for the infrastructure. Any change in such devices should be detected and the configuration file of the device must be backed up.

Unauthorized configuration changes often wreak havoc to the business continuity and hence detecting changes is a crucial task. Detection should be real-time to have effective control. Network Configuration Manager offers real-time configuration change detection.

All of these are reasons why you should have an automated software solution to backup and monitor your network infrastructure.

Click here to learn more about our managed service provider solutions.