One of the most popular trends sweeping its way through the work force is BYOD (Bring Your Own Device). The name means just what you’d think. Employees bring and use their own personal devices for work. The trend actually brings a number of benefits. For one, it saves employers from purchasing new phones or computers for everyone. In addition, it allows employees the ease of using machines they’re familiar with, which greatly improves productivity and morale. Finally, no longer are workers weighed down with multiple devices. Instead they can use one device for work and play.
However, there are a number of companies resisting BYOD. Why? Because while the benefits exist, they believe the security dangers and threats outweigh the positive.
95 percent of IT and security professionals struggle with BYOD security threats, and most expect the number of incidents to grow. Most personal employee computers aren’t fitted with the same quality of privacy and security software that corporate devices have. Not to mention personal browsing habits and downloads often come from unprotected sites, which can seriously compromise systems. Employees can transfer infections they’ve picked up on unsecured networks outside of the office to the company’s grid, causing widespread damage.
Featured Download: Social media access at work. Do your employees know the rules?
Furthermore, there are so many different types of devices and operating systems brought into work, it’s hard for businesses to create custom solutions that fit so much variety. As of now, the most vulnerable of all devices are Android-based. The majority of malware attacks are directed at Android devices, and considering their popularity, that poses a major threat for organizations.
Surprisingly though, the main danger of BYOD security threats aren’t the enemies coming from outside but carelessness on the inside. Ultimately, professionals blame negligent employee behaviour as the ultimate risk and source of issues that make their way into company networks. For example, one of the biggest issues resulting in lost company information comes from misplaced devices. You can’t blame cybercriminals when you forget your phone in a taxi or on the plane.
Coming up with the right security protection isn’t easy and comes with a number of challenges. Employers have to balance finding security measures that give IT departments some control without scaring employees into thinking the company is tracking everything they do. Or what happens if a device is lost? A lot of companies use remote-wipe capabilities, but how does that work with devices that also contain personal information? And with today’s tech-oriented criminal, will a remote wipe really protect the information?
Because the majority of issues stem from carelessness, one of most effective ways to protect important information is by training employees and providing them with tools and information to avoid threats. While they may want to use their own devices, they’re also responsible for protecting company data on those devices. Solutions could include outfitting devices with antivirus software or security apps. Also, guidelines outlining how devices should be used to protect security would be helpful. People are concerned about their personal information, so any advice on how they can protect themselves will be well-received, suggestions which will all the while benefit the company’s security. Also, make sure to have the right services in place for employee use. For example, cloud storage is incredibly helpful for collaborative efforts. However, if your company doesn’t offer a secured service, employees will turn to alternatives, like iCloud or Dropbox, which aren’t as safe.
A final warning. Enforcing company-issued devices isn’t the right solution to BYOD security, not simply because employees might sneak in devices, causing even more problems, but companies could find themselves fighting a current moving against them. New technology and widespread adoption of these devices has led to a very tech-savvy younger generation. BYOD isn’t going to disappear; it’s going to evolve as technology does. New college grads are gadget friendly. Believe it or not, young job seekers use BYOD in their decision making when picking employers. They’ll avoid organizations that restrict personal laptops or phones. Instead, these young professionals want to work for more progressive, forward-thinking companies, of which BYOD is an indicator.
By Rick Delgado | @ricknotdelgado
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.