The ubiquity of Bring Your Own Device (BYOD) in the workplace brings many benefits to both the employee and the enterprise. Forbes cites increased employee engagement, Millennial appeal, lower business operating costs, higher productivity and flexible work options as just a few of the BYOD perks. It is no longer a matter of whether or not your business should make the shift to BYOD; it’s a matter of when and how to execute it.
Increasingly, employees prefer (and often expect) the option of utilizing a blend of both personal and employer-issued devices to communicate, store data and complete their job tasks. Although it introduces new security challenges to the employer—particularly in the healthcare setting, where protecting patient information is a requirement—BYOD has a bright side. Pew Research Center found that employees who use their own devices actually feel more ownership over their work. As the line between work and home life becomes increasingly blurred and access to technology allows for more flexible schedules—making BYOD inevitable, at least to some extent—it’s more important than ever to make sure your company’s network and information remains secure. Moreover, in the confidentiality-laden healthcare industry, HIPAA laws require that patients’ healthcare information be kept private and protected from the public eye. This ups the ante and the urgency of developing robust safeguards.
For healthcare organizations, BYOD presents a unique challenge to employers balancing worker productivity and flexibility with patient privacy and HIPAA mandates. Forbes contributor Elena Kvochko further outlines a few of the primary BYOD security challenges, writing, “It is important that consent is required for companies to access personal devices to monitor the use of apps and install security software. From the enterprise perspective, this can make securing corporate networks more complex.”
Ensuring the security of healthcare patient data on BYOD equipment
William Long with ComputerWeekly writes, “Central to the guidance is having a clear BYOD policy so employees connecting their devices to the company IT systems clearly understand their responsibilities.” Long also recommends implementation plans that lead to better separation of work data and personal data, as well as data encryption and regular audits of access points. According to Long, employers should consider “sandbox” or “ring fencing” methods, which safeguard data within a password-protected app on the device.
How do you plan to ensure that your company’s data remains safe in the BYOD era? Do you foresee other challenges for the enterprise?