Bring your own device, or BYOD, is becoming an increasing trend within large and small businesses alike. Allowing employees to use their own devices has its benefits. It has been seen to increase productivity immensely by allowing employees to work from home and the freedom to work during commuting and outside the office has gone a long was towards improving company morale.
With such increases in productivity it is clear to see why more and more companies are choosing to allow their employees to utilize their own devices for business needs – but this does come with a risk. There are many threats unregulated devices can bring, especially in regards to sensitive company data.
Third Party Access
Probably the most significant threat is unknown third party access. This threat is most prevalent through mobile phones, but can affect any device that accesses open Wi-Fi. Computers often have security programs that protect them from the stealing of data via such methods. However, due to the fact that smartphones and tablets are still in their relative infancy, such programs are not commonplace on these devices.
There are security apps that can be installed onto smartphones, but these are found to slow the devices’ processing speeds. If we combine this with the need for them to be constantly updated, it is not hard to understand why many employees bypass these apps or simply uninstall them.
As the largest smartphone producer, it is Android who suffers the most from malware, the most prevalent of these being information-stealing malware. Such hacking software enables the creators to steal contacts, access email, text and phone logs, and track the smartphone owner’s whereabouts.
Lost or Stolen Devices
Mobile phones have advanced to such a degree that they now more resemble computers. This is beneficial in numerous ways, but their size can be problematic. Smartphones are far more likely to get lost or stolen than, say, a laptop, and not every user is sensible enough to secure their device with a PIN or password.
This is troublesome when we consider that mobile thefts constitute 30 to 40% of all thefts in US cities
. With over 27,000 being stolen in 2011, it is important to consider implementing protection against sensitive company materials. Indeed, it is becoming more important than ever that smartphones are secured to the same degree as desktops and laptops.
Employees
It may seem unlikely, but employees can be as much of a security threat than hackers. Upon leaving a company, many employees will simply ignore the call or otherwise forget to hand their phones into the IT department to have any private company data removed. Should your employees start to use their own devices, it is important that they are made aware of their responsibilities. A company-wide policy should be put in place and signed by all current and future employees, ensuring there will be no confusion about the responsibilities of the information.
Disgruntled employees also offer an obvious security risk. They may feel compelled to share their previous employer’s information with rival businesses. To prevent this, software can be put in place that allows companies to remote wipe their information from devices.
If employees are using their own devices, rather than those supplied by the company, there are also more accidental threats to consider. Any person who owns the device is within their rights to allow anyone to use it. This may result in the unintentional deletion or passing on of confidential data to unwitting third parties.
Protecting Your Data
All of these security threats are undoubtedly troublesome to small and large businesses, especially if the information is confidential. Luckily there are steps that can be taken to limit the likelihood of these potential threats.
Passwords
It seems obvious but many devices aren’t password protected. It may be frustrating to your employees but stopping others accessing data is the most effective way to protect it. To make life easier for employees it is possible to password protect individual apps, this may be the most effective route to take if company data is saved through the cloud or similar online storage.
Timeout features
Implementing timeout features to programs on laptops prevent information being left open if the laptop is left unattended for any reason. This may be vital if employees work during their commute.
Limit access to data
Storing your data on the cloud, or similar online storage facility, helps a business keep track of important files and the work that has been carried out on them. Having such storage open to all employees can be confusing and a potential security risk. It may be appropriate to password-protect certain data, only allowing access to those who need it.
Help your IT team
IT teams are often swamped as it is, without the extra pressure of numerous personal devices to maintain. If your company is supplying smartphones to their employees, try and keep the devices to a single brand. If, as is more commonly the case, the devices are employees’ own devices, try providing them with self-help guides. Many common problems can be fixed quite easily.
Inform employees of polices
It is important that both employers and employees are aware of their obligations regarding BYOD. You should consider whose responsibility it is to maintain the devices. Create a clear procedure of what to do should the device be stolen or lost, and, most importantly, how to go about removing the data and access should the employee resign.
There may be risks in employees bringing their own devices, but there is no doubt that such an ability improves productivity and company morale. With the right polices in place, BYOD can be very beneficial and hold very little risk.
http://ico.org.uk/for_organisations/data_protection/topic_guides/online/byod
http://www.zdnet.com/five-security-risks-of-moving-data-in-byod-era-7000010665/
William Thompson
William Thompson is the Marketing Manager at Power Admin, a server monitoring software business in the Kansas City area. You can find him on Google+ and Twitter. William has been a professional in website design, digital marketing and 3D/graphic design for over 20 years.