How Small Business Can Succeed in the BYOD Trend

The Canadian startup scene is the jewel in the crown of Canada's resilient economy.
Often headed up by a courageous visionary, their crew consists of a small skeletal staff of inspired individuals, who, whether they like it or not, are forced to wear many different hats -- including the boss.

As businesses and most of society increasingly migrate towards mobile devices and cloud computing – the challenge for the small to medium business (SMB) owner is to play the role of educator around the digital dangers that are associated with using mobile devices, such as laptops and smartphones at the workplace. According eMarketer, there will be 10.5 million smartphone users in Canada, and this number is predicted to expand to 16.4 million by 2016.

Whereas large companies like Yahoo can send out an inter-office memo requesting the mobile preference of staff, and, will happily foot the bill to furnish their mobile desires. It may not be economically feasible for a SMB. So, in order to play in and benefit from the emerging mobility game, SMBs encourage employees to bring their own devices (BYOD) to work. For a developer bringing in his or her own keyboard to work it may be considered as a low-risk to a company's security. Conversely, mixed use, personal and professional use of a personal smartphone, tablet or a computer could invite digital dangers. According to a State of Mobility Survey, the average losses associated with mobility during 2011 were $126,000.

Under a BYOD environment, personal devices can contain and provide access to vast amounts of company data; it can be lost or stolen; the data can be compromised; and it's possible the device being used could be a carrier of crippling malware. As such, it's strongly advisable not to permit the use of jail-broken devices.

So, how does a time-strapped and resource-poor SMB owner balance the need for technological efficiencies while protecting company security? One solution is to enlist the help of companies like Symantec, who can act as a great resource of information and data security for SMBs.

We spoke to Andy Singer, director of product marketing at Symantec, a company that provides products and services to help individuals and businesses protect the integrity of their information, about the best practices in workplace mobile security.

Establish a mobile device management policy.

In simple terms, a mobile device management policy is the implementation of a system to monitor and manage a mobile device. "Decide what are the security fundamentals that you have to have," suggests Singer. A typical must-have is a backup recovery solution that will rescue lost data or information compromised during a server crash. Once you've made a decision about what your must-haves are you can add different layers of protection or control, such as endpoint protection, which is the ability to block viruses or malware.

Educating employees about digital dangers

SMB should inform themselves about how vulnerable their data is. "Educate your employees about how to avoid digital dangers and what is considered as acceptable use," says Singer. Creating an 'Acceptable Use Policy' is a good way to communicate your company's policy. One option could be to state that if personal data is lost or damaged on a company device the company may not be responsible for it. As a SMB you can make sure that your business devices are really used for business and that any other use may not be covered by your policy. However, the reality is desktop computers and mobile devices will be used at all hours of the day at a variety of locations, as a result and there will likely be some personal use at some time. The key is to ensure that you have a clear policy that addresses use so that you can have educated employees.

The best mobile security practices

To ensure your company uses the best mobile security practices, Singer strongly recommends teaching your employees about how to be smart and safe when using the Internet. This means ensuring that your staff is using robust passwords. In addition, if your company has the ability to remotely lock and wipe computers, make sure your employees know how these types of features work so if a device misplace is lost or misplaced they can be in better control of the situation.