Bring your own device is one of the fantastic ways businesses can cut costs at no real impact to their employees. However, there are challenges, specifically ones related to security. We’ve compiled a list of them and also how to overcome the most common and harmful ones.
1. Increases data leakage risk
Bring your own device is one of the fantastic ways businesses can cut costs at no real impact to their employees. However, there are challenges, specifically ones related to security. We’ve compiled a list of them and also how to overcome the most common and harmful ones.
1. Increases data leakage risk
As our workforce continues to become increasingly reliant on mobile devices, the threats and leakage of data accelerates, which results in the IT department being relied upon even more to ensure that mobile devices are secure. In terms of security, tablets and mobile phones are definitely the weakest link and also quite prone to attacks. Regular patch updates are required, and it is employees who are responsible for doing this. Gartner reports that by 2017, one out of two companies will not be providing their employees with devices. Therefore, the burden is on organisation to implement procedures and policies that will assist employees in keeping their devices secure.
Tip: Implement procedures and policies for acceptable use that will communicate the boundaries clearly, along with what will happen if they are not followed.
2. Exploits vulnerabilities
CIOs do not have as much control over the devices that are used within their organisation. This means they are increasingly vulnerable to attacks. Today employees connect to external Wi-Fi spots and download mobile apps without the proper security protocols being in place. HP conducted a study that showed that there were privacy issues with 97% of employee’s devices, and 75% of them were lacking in adequate data encryption. These issues can create serious gaps in security that hackers can exploit. This combined with the fact that employees might not have a firewall that is update on their mobile devices or anti-virus protection makes these devices much more vulnerable to being attacked.
Tip: To prevent the spreading of viruses, having a gatekeeper such as a VPN is very important. Before access is granted, it verifies that any data that is being transferred to your IT network from a mobile device is permitted and encrypted.
3. Mixing business and personal data
One of the greatest BYOD security challenges is attempting to cope with personal and corporate data being stored on one device when working remotely from a registered office address. There will ultimately be certain kinds of data that are exposed throughout an organisation, so how this data should be secured needs to be considered.
Malware that the user unknowingly installs is one of the greatest threats for mobile devices. This means that malware could end up on your network.
Another technique that hackers use is keyboard logging to record password and login credentials. One effective way of overcoming this problem is implementing one-time passwords. That way each time a user logs in, a temporary password is used.
Tip: Purchase Enterprise Mobility Management software for monitoring and detecting risks to prevent them from having catastrophic effects.
4. Devices are not taken care of properly
In this area, the biggest risk feared by IT departments is when an employee’s device gets stolen or lost. More than half of all security breaches take place after a device has been stolen. That is why it is critical that encryption tactics be implemented by companies to ensure that devices are secured against threats. One effective yet simple way of ensuring that employees secure their devices is to promote them to use a pin code or some other basic security feature.
Employees who don’t update their devices when necessary are more likely to be targeted by hackers. Updates need to be done to apps installed on the device as well as mobile operating systems.
Tips: Have remote wiping capabilities implemented so that your IT Managers can wipe a device as quickly as possible without needing to get permission from the user. The IT department will then have greater control whenever a device is missing or stolen.
5. IT infrastructure
BYOD makes it necessary for CIOs to modify their current IT infrastructure in order to ensure it is BYOD compliant. It is necessary for CIOs to identify which applications are being used by their employees when interacting with corporate data. Companies must ensure that this data conforms to its present IT infrastructure and is protected. Penetration testing needs to be conducted in order to identify any potential vulnerability with the current IT infrastructure.
Tip: The very first thing that needs to be done is to conduct a full audit on your overall IT environment so that you can determine whether or not your infrastructure is properly set up in order to deal with workforce mobility. When your capabilities are thoroughly reviewed, you will be well positioned to determine whether or not your network layer is completely visible.