The bring-your-own-device (BYOD) trend continues to make corporate inroads. According to Security Intelligence, more than 60 percent of enterprises now allow or “tolerate” employee mobile device use in the workplace. But companies still have significant security concerns, especially when it comes to the specter of lost data. Here are seven tips to boost BYOD security in 2015.

Cloud-Based Controls

When it comes to managing BYOD resources, enterprises often encounter the problem of sprawl: Too many devices spread out across local and satellite offices, homes and even vehicles make broad policy enforcement seem difficult, if not impossible. Secure, cloud-based services offer a way to manage this risk without the need to define separate protocols for each physical instance. So long as BYOD devices all connect to the same corporate cloud, the same network restrictions can be enforced regardless of location—employees at their desks, those working from home and even on the road all fall under the same security umbrella.

Embedded Hypervisors

Another way to manage the BYOD risk is by using embedded hypervisors. As noted by ZDNet, smartphones and tablets may be next in line as the ideal platforms for virtual processing software. Just as conventional hypervisors offer granular management of virtual machines, mobile-embedded hypervisors could allow IT admins to control which applications will run and under what circumstances. Ideally, this creates two virtual environments—one business and one personal—enhancing freedom of use with minimal risk.

Enhanced Authentication

Authentication is also a critical factor in BYOD security, and offers two ways for enterprises to limit their threat exposure. First, two-factor authentication should be required for any kind of corporate network access: In its most basic form, this means the use of a one-time code in addition to login/password information, but also rely on a token or other physical access element. In addition, it’s essential to curate mobile access: If an employee is not directly involved in a project, sensitive data should be made off-limits.

Biometrics

Taking the idea of authentication a step farther is biometrics. As noted by FierceMobileIT, the market for mobile biometric scanners is on the rise—in five years, it’s predicted that the mobile fingerprint market will be worth more than $1.7 billion. What’s more, the total number of biometric-enhanced devices will jump from just 15 percent this year to 50 percent in 2020.

Session Border Controls

While session border controls are often used to manage VoIP traffic, they also hold promise for BYOD security. According No Jitter, “an SBC can play a key role in verifying the authentication and encrypting the communications between endpoints and the network,” which limits the possibility of third-party snooping or unwanted access. What’s more, SBCs allow IT staff to create and manage secure connections for workers to transmit critical data.

Defined Email Parameters

Email remains the most requested point of access for BYOD workers, but poses a real risk if misused. To combat this problem, enterprises can take steps such as limiting file attachment sizes and the length of time emails are accessible. This prevents malicious actors from gaining access to large data volumes and also alerts IT in the event an employee tries to send an oversized file from their mobile device.

Crystal-Clear Use Policies

The final BYOD security tip? Define your use policy. Use uncomplicated language to make it clear where responsibilities lie and what kind of consequences will result from misuse. This includes making end-users responsible for backing up their data, clarifying who is responsible for device maintenance and what actions (such as downloading an unapproved app) will negate BYOD privileges.

BYOD adoption continues to rise. Make sure you’re taking steps to mitigate the risk.