As BYOD continues to increase in popularity, so do related security threats. Find out how to protect your data if a business device is lost or stolen.
Hardly a week goes by without news of a digital security breach or stolen data making the headlines. Between the recent Uber hack and reports of a Pioneer Bank employee’s laptop containing customers’ personal information being stolen, it certainly seems that data theft is on the rise.
However, it’s important to point out that the threat to digital security doesn’t just come from hackers. The loss and theft of devices containing business information is also a considerable problem.
In fact, according to a recent report by The Guardian, more than 600 laptops were stolen from the BBC and its staff over the past five years, and freedom of Information figures also revealed that between 1 March 2013 and 28 February 2014, more than 180,000 computing and communication devices were reported lost or stolen to UK police.
The risks that this causes businesses hardly needs to be emphasised; if only a fraction of the above losses involved sensitive data being put at risk, the consequences could be dire.
Data and The Law
Apart from the huge impact that a security breach could have on your company’s reputation, it could also have a significant financial impact.
The Data Protection Act 1998 requires every organisation that processes personal information to register with the Information Commissioner’s Office (ICO). The ICO works with organisations and the public to ensure that the Data Protection Act is upheld.
In order to ensure that data is kept secure, the Data Protection Act says that:
“Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data against accidental loss or destruction of, or damage to, personal data.”
Therefore, if a company is not taking the necessary steps to prevent data security breaches, the ICO can leverage sizeable fines.
Bring Your Own Device
In the modern workplace, BYOD (Bring Your Own Device) has become increasingly difficult to ignore. In fact, by 2017, Gartner predicts that half of all employers will require employees to supply their own devices.
BYOD has been defined by Gartner as ‘an alternative strategy that allows employees, business partners and other users to use a personally selected and purchased device to execute enterprise applications and access data’.
The benefits of BYOD are huge, and include creating mobile workforce opportunities, improving employee satisfaction and productivity, driving innovation and reducing capital expenditure.
However, as businesses invest in technology and infrastructure that supports BYOD, concerns surrounding data loss, cyber-attacks and malware have also heightened.
Promote BYOD Security
If your business is allowing its employees to bring their own devices, it’s essential that you’ve got a robust BYOD policy.
Start by talking to your employees about the importance of security and the impacts that breaches could have.
Ask your employees to, at the very least:
- Set a strong password or passcode on their device (and make sure that it’s activated as soon as the device is ‘sleeping’.
- Install an app that can locate missing devices
- Encrypt your data or use a secure data transfer service like Maytech Global Data Transfer to save it on a protected cloud.
- Use caution when downloading apps (to avoid malware, spyware and viruses)
- Practice ‘safe browsing’
Remember, security doesn’t have to be a strain. Simple things incorporated into your employees’ daily routine can make all the difference to keeping data safe.[su_box title=”About Maytech” style=”noise” box_color=”#336588″]
Maytech provides a global cloud platform for secure and reliant data transfer, wherever you are. Maytech operates a global data network with hubs in Europe, America, China, UAE and Australia. Providing accelerated transfers and fast regional downloads worldwide.[/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.