Today’s technology users rarely need to purchase a new edition of an operating system, software, or app for their computer or mobile device. Instead, companies include updates as part of the purchase or as part of a service agreement. A user simply accepts the update and continues using the device as usual. However, each Bring Your Own Device (BYOD) software update represents potential challenges for IT departments. By understanding and being prepared for these challenges, IT departments can help avoid issues—including security risks—with the updated devices in order to maintain network security, as well as productivity and workflow expectations for users.
Understand the Potential Problems with any Software Update
Any software update can change the way an operating system (OS) interacts with applications—and vice versa. Whenever Apple (iOS), Google (Android), or Microsoft (Windows) releases an update, it could change the way applications run, security programs act, and the way employees interact with their devices.
For organizations that embrace BYOD, OS updates often hit at unexpected times and may change a user experience in different ways. Therefore, it may be hard to warn employees when an update is imminent. Additionally, it’s virtually impossible to predict how updates may affect the device or user experience.
Further complicating matters, OS providers often release a secondary update to cover a vulnerability found in the previous one. For example, Apple released an emergency patch in late August after it discovered a significant security vulnerability in the latest version of iOS. If unnoticed, the security flaw could have harmed businesses using iOS for data-sensitive activities.
When devices are under the IT department’s control, the IT staff may have some knowledge of impending updates. But BYOD programs place added pressure on IT departments, and updates to BYOD equipment may catch IT professionals unaware. To help maintain network security and company-wide productivity, the IT team must have an up-to-date understanding of the threat landscape, software security, device security, and update releases.
Protect Your Business from Software Vulnerabilities with these Considerations
To prepare for software updates, IT departments can take a few steps to maximize security, outline device support, and anticipate possible challenges:
1. Develop a formalized plan for software update rollouts. For company-supplied devices, control the rollout with testing, education, and troubleshooting. If your IT department allows employee-owned devices, consider offering limited rollout support for major upgrades and updates. Forward information to registered device users and offer cheat sheets with tips employees can use to manage their own devices.
2. Read information about updates. Whether your organization supports a piece of software or not, try to maintain current knowledge about major updates at all times. New technology featured in OS updates may affect business activities in unanticipated ways. Ongoing education will improve the IT department’s ability to react to possible vulnerabilities and usability challenges.
3. Get to know all OS features. New features may not serve your business today, but could provide a needed solution tomorrow. Explore non-business features to understand what capabilities employees may tap into without permission, and even think about possible business-related uses that could enhance productivity or workflow in specific departments.
4. Keep a running log of OS features and whether or not they serve business goals. For example, your company may not be interested in iOS 10’s Siri updates (the ability to manage third-party apps) right now, but those features could enhance employee collaboration later. On the other hand, visual voicemail and the ability to control cellular data for each app might serve your organization immediately. Keep track of the newest features offered in software updates and explore their roles in your organization now and in the future.
5. Develop a BYOD policy that encourages employees to update their devices. Your organization’s BYOD policies should cover data management, application access, software update acceptance, regulatory considerations, the employee’s right to privacy, and safeguards in place to minimize risk. That policy should also serve as the foundation for software update management on employee devices. As much of a hassle as software updates are, they play an important role in device security and stability, not to mention functionality. Encourage employees to take a proactive role in software updates to protect individual devices and organizational information.
6. Focus on application management. After addressing security concerns, the IT department must consider application access. Develop a plan for supporting employees who need to access enterprise solutions from a BYOD device after an update. Some updates may affect access control, the application interface, or data security.
BYOD programs give employees flexibility and the option to use a device they already know how to operate and are accustomed to using every day. Software updates shouldn’t cripple your organization’s technology or reduce productivity. With the right approach to software updates, your BYOD program can thrive and employees can use their own devices without increasing security risks.