How to Set Up Identity Access Management for a BYOD Workplace
In the United States, 35% of employees are now contractors or freelancers. And according to the U.S. Bureau of Labor Statistics, the average length of time a person stays at one company decreased from 4.6 years in 2014 to 4.2 years in 2016.
In an age of increasing short-term employment, it doesn’t always make sense to give employees access to company devices. Often it’s quicker and easier for them to work on their own laptops, tablets, or smartphones. But BYOD (bring your own device) policies pose significant security risks. How should IT teams adapt?
The challenges of IAM in a BYOD environment
BYOD workplaces have to deal with a unique set of security concerns. In addition to all the regular IAM/UAM tasks, IT teams need to:
- Onboard personal devices by automating the configuration of security settings, email, Wi-Fi and VPN.
- Secure and control access to corporate apps and data from personal devices used for work.
- Give users one location to find corporate apps and credentials for one-tap access.
- Selectively wipe corporate data from a mobile device when a user leaves the organization or a device is lost or stolen.
- Support iOS and Android, so users can work on the device of their choice.
Despite these challenges, BYOD is a great way for your organization to realize the user benefits of mobility without IT having to dedicate time and effort to acquire and distribute mobile devices and manage wireless plans.
Mobility management tools for BYOD workplaces
Mobility management software is critical for any BYOD workplace. It tightly integrates identity and mobility for users while still guaranteeing a seamless login among native and web applications across all devices. Mobility management also helps teams:
- Streamline user access and prevent lockouts with real-time synchronization between devices when a user updates their password
- Keep data on devices safe, with remote lock and selective wipe functionality
- Keep track of all the devices in use by requiring users to register their devices
Okta’s Mobility Management allows companies to adhere to their existing IAM policies while embracing the BYOD workplace. It also keeps logins secure and hassle-free.
Using MFA to secure your employees’ devices
With unique devices registered to each user, IT teams can also take advantage of multi-factor authentication (MFA). Most login combinations only address the first authentication factor (what you know, as opposed to what you have or what you are). With a device registered to each user, MFA is a natural way to add the others.
Okta offers Adaptive MFA, a system that takes context into account when evaluating authenticity. For example, granting access to a user who is working from a known GPS location (such as within the company’s office) might require fewer authentication factors. In addition to context information and quick alerts to let you know if a user’s behavior has abnormally changed, Adaptive MFA sends notifications to admins when users have logged in with a new device and allows IT teams to decide whether to permit devices that are jailbroken, lack up-to-date software, or have other risky characteristics.
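The context-based decision described above can be sketched as a small policy function. This is an added example, not Okta's code or API; the class names, the `hq-office` location label, and the sample device ids are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Policy:                      # constructed defaults; each is an IT decision
    allow_jailbroken: bool = False
    allow_outdated_os: bool = False
    trusted_locations: frozenset = frozenset({"hq-office"})

@dataclass(frozen=True)
class LoginContext:
    user: str
    device_id: str
    location: str                  # label resolved upstream (GPS/network), hypothetical
    jailbroken: bool = False
    os_up_to_date: bool = True

@dataclass(frozen=True)
class Decision:
    allow: bool
    factors_required: int
    notify_admin: bool
    reasons: tuple

def evaluate(ctx, policy, registered):
    """Decide a login. `registered` maps user -> set of enrolled device ids."""
    new_device = ctx.device_id not in registered.get(ctx.user, set())
    reasons = ["new device"] if new_device else []
    # Hard blocks first: posture the policy does not permit is denied outright.
    if ctx.jailbroken and not policy.allow_jailbroken:
        return Decision(False, 0, True, tuple(reasons + ["jailbroken"]))
    if not ctx.os_up_to_date and not policy.allow_outdated_os:
        return Decision(False, 0, True, tuple(reasons + ["outdated os"]))
    # Permitted-but-risky posture never earns the reduced-factor path.
    if ctx.jailbroken:
        reasons.append("jailbroken (permitted)")
    if not ctx.os_up_to_date:
        reasons.append("outdated os (permitted)")
    if ctx.location not in policy.trusted_locations:
        reasons.append("untrusted location")
    factors = 1 if not reasons else 2
    return Decision(True, factors, new_device, tuple(reasons))

# Constructed sample data.
REGISTERED = {"alice": {"phone-1"}}
if __name__ == "__main__":
    for ctx in (LoginContext("alice", "phone-1", "hq-office"),
                LoginContext("alice", "tablet-9", "cafe"),
                LoginContext("alice", "phone-1", "hq-office", jailbroken=True)):
        print(ctx.device_id, ctx.location, evaluate(ctx, Policy(), REGISTERED))
```

Only a registered, healthy device at a trusted location gets the single-factor path; any other signal raises the requirement, and a new device always notifies an admin.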
According to Okta’s recent Businesses At Work report, more than 80% of users are accessing their enterprise apps from mobile devices, but 56% of the apps on these devices are for personal use and not provided by company IT teams. Prepare your organization by partnering with an IAM provider that specializes in mobility management. Not only will this provide necessary visibility for IT, it will also empower your team to work with the flexibility and security that makes them efficient.
Okta is an enterprise-grade identity management provider that lives in the cloud. Try Okta free for 30 days and see how it can work for you.