Bring-your-own-device has complicated the data security ecosystem significantly, as information moves from company-provisioned and managed devices to personal smartphones and tablets. The trend has afforded workers extended mobility and access to corporate resources from anywhere, but it has also given IT departments a few headaches. As Gartner recently pointed out, several major security hurdles must be overcome before companies can strategically implement BYOD policies.

On the technological front, the research firm's analysts noted that relying solely on the operating system's defenses will not be enough to protect important assets. Particularly since keeping versions up-to-date will be the responsibility of employees, companies will need a hardware- and software-agnostic way to guard information. Gartner identified several practices that should establish a security baseline, including password control, remote monitoring and wiping functionality and data encryption software.

Analysts also stressed the importance of crafting BYOD policies strategically so that data security can be maintained without crippling employee productivity. Striking a balance between the two can be difficult, as the former should never be compromised. However, Gartner suggested that employees have as much freedom in device and software selection as possible. Data encryption software provides a unique advantage in BYOD-enabled workplaces because it does not depend on the hardware used to store the information.

The BYOD wave
Although some companies have been understandably hesitant to open their doors to every new device that hits the market, many will likely have to contend with BYOD in the future. As a recent Network World survey revealed, only 16 percent of organizations have BYOD policies. This may have significant consequences, as Network World columnist John Dix pointed out. Many U.S. adults are already mobile, and the majority will soon have more devices at their disposal, with 75 percent of gift givers planning to purchase consumer electronics.

"Anecdotal evidence would suggest that, other than highly secure organizations that are locked down, most organizations fall into the fifth camp," Dix said, expanding on the implications of increasingly mobile consumers. "They realize BYOD is happening whether sanctioned or not, they have some controls in place that provide a bit of cover, but they either think the benefits outweigh the risks or simply aren't sure how much exposure they have."

While most business decision makers are not likely to fully embrace every device that employees want to bring, completely ignoring BYOD could create significantly more risks. At minimum, businesses should consider solutions such as data encryption software to effectively guard information whether it is stored on an employee-owned tablet or an office computer.