Get fresh insights, pro tips, and thought starters–only the best of posts for you.
Oct 5, 2021
6 min read
Bring your own PC! The concept is pretty simple. Instead of having separate work and personal computers, you use your personal computer for work too. BYOPC certainly seems convenient for the users but can companies really adopt it? What are the security challenges? How can you implement BYOPC securely in your organization? What are the advantages? Let’s try and answer these questions in this blog. While it was not generally recommended to let the employees use personal devices for work, you can take certain measures to get the convenience of personal devices and the security of work devices. The goal is to maximize the benefits and minimize the risks. Best of both worlds.
I am pretty sure that you are already familiar with BYOD. If not, you can go ahead and read up on it:
BYOPC is replacing BYOD. This is not just what I am saying. The rise of remote and hybrid work has directly resulted in this development. Exactly one year back, one of Gartner’s reports predicted that more than 50 percent of the enterprises would implement BYOPC. BYOPC became one of the short-term emergency responses to COVID-19. Rather than shipping workstations to the employee’s homes, it felt easier to just let them use their personal devices. However, BYOPC as a strategy comes with its own set of challenges and risks.
CISOs and security leaders should expect the need to support BYOPC to be dependent upon a long-term work-from-home strategy, and also expect to support security tools needed for a BYOPC environment.
-Rob Smith, Gartner.
Unsurprisingly, the biggest challenge while implementing BYOPC is to ensure security. Managing and securing a company device is way easier than managing personal devices used for work. Think about it. A fully managed corporate device is safer. No doubt about it. However, it is not always the best way to go. When BYOPC becomes the need of the hour, you have to take measures to make it happen in a safer way. How to do that? Solid BYOPC policies. Do not worry, we would be discussing those too.
While there are challenges, BYOPC also has some serious advantages. Of course, we wouldn’t be even discussing the topic if it didn’t have some benefits. Let’s take a look into a few:
Many see BYOPC as a temporary solution. However, for some users, their personal computer has become the sole point of access for all their data – corporate or personal. Therefore, to implement BYOPC, you need to formulate short-term and long-term strategies.
The BYOPC policy should consider some important factors:
Specify when the employees should use their personal computers. Should they use it only during emergencies? Or should it be limited to the weekends? (Let’s hope no one has to work on the weekends!!)
Define acceptable devices and operating systems. For example, you could allow BYOPC only if the employee has Windows or macOS machines of certain specifications.
What happens if there is a leak of sensitive corporate data from the personal device? Or, important personal data is leaked because of an error in one of the business applications? Tough questions – it is best to contact your legal team and get some advice. Usually, the companies specify an Acceptable Use Policy. It emphasizes the responsibility of the device owner to protect the corporate data. The users should take care not to lose any devices containing sensitive information. IT should also take measures against threats like the user installing unauthorized applications on devices used for work.
Using their personal device for work implies the trust the employees have in the company. No employee would be happy if their personal data can be accessed by their employer. It is the responsibility of the organization to respect their privacy by defining solid privacy policies. Managing BYOPC means managing just the corporate resources, apps and data without snooping on their personal apps and data. A successful BYOPC strategy takes into account the privacy of the user even while devising stringent security policies.
Verify the applications installed on the endpoints. Applications with any vulnerabilities must be uninstalled from the devices.
Imagine the employee is working at a coffee shop, sipping on an iced Americano while using the free coffee shop Wi-Fi. Idyllic for the employee, but a headache for the admin. Open Wi-Fi poses a huge security risk and a greater attack surface. One way to ensure security even in these circumstances is to mandate the use of a Virtual Private Network – VPN – before granting access to the company resources.
There is no use in formulating detailed policies if the users do not take care to hold up their end of the deal.
Untrusted till verified is the principle to live by. Zero Trust Network Access (ZTNA) provides secure and remote access to the company’s data, applications and services according to defined access policies.
Modern management tools like Unified Endpoint Management (UEM) make remote management easier even if the devices belong to different platforms. For instance, Hexnode UEM supports the management of both Macs and Windows machines.
Prior to COVID-19, there wasn’t this much buzz or interest around BYOPC. Of course, that is not the case now. Organizations had to revisit the BYOPC policies to facilitate and scale remote work. It is not a bad strategy – maybe even a good one considering the need – but implementing it shouldn’t be done carelessly. All the policies discussed here should be taken into consideration while formulating the BYOPC plan for your organization.