For many organisations, BYOD has become the rule, not an exception. In theory, Bring Your Device to Work is an excellent idea because it allows employees to use their personal tablets, smartphones and computers for work purposes. Companies save money and time with this technique.
According to 39% of companies surveyed by the Information Security Community on LinkedIn, security is the primary concern with BYOD.
The obvious risk is how companies can guarantee the safety of the worker’s personal devices. There are many threats to company security such as hackers breaking into employee’s mobile device to gain access to crucial company files.
Higher risk of data leakage
The routes of data leakage are increasing. Companies are exposed when employees access corporate data through cloud servers. It is also noted as the weakest security risk. To mitigate this risk, IT units should consistently perform patch updates on employee phones to plug security loopholes.
Organisations should develop a robust policy that helps to keep devices secure before allowing BYOD. Employees who are aware of the risk will be able to take preventive measures.
Data from an Ernst and Young study reveals that 22% of all mobile devices will be stolen or lost during their lifetime. 50% of these devices are never recovered. There is a risk of contamination because private company information is mixed with the employee’s personal information. Sensitive data could get out in the open.
According to Jake Page, Systems Engineer at Iomart Cloud, “companies should have a policy where employees immediately notify the IT department once their device is stolen or lost. IT will immediately terminate access to the network or apps that access company data. They can also wipe data from the phone in some cases”.
Mobile app breach
There are many forms of malicious software and apps that work towards a single purpose – hacking the device to gain sensitive information. We all live with the danger of important material falling into the wrong hands. A recent case that comes to mind is the case of malicious apps found on Google Play Store that could steal user bank details.
A fix for this problem requires all employees to have Mobile Device Management technology on their devices. It separates employee’s personal information from company data and allows the company to access and remove company data on the phone.
Lack of password protection
You’ll be surprised at the number of people who don’t have a password on their device. Most who do, use a password that’s easy to detect or guess. The device is easily comprised in the case of hacking attempt or theft.
All employees should follow safe password protocols. Prohibit employee from using the same password twice. Ask employees to change their passwords every three months. A survey by Champions Solutions Group shows that 77% of employees are locked out of the company server after 3-5 incorrect login attempts. 73% of organisations require passwords re-entry after 5-15 minutes of inactivity.
A few other best practices to implement in your organisation include
Use network access control software to ensure all employees on the network have an updated antivirus software
The two-factor authentication process for employees to gain remote access to the company network.
Use antimalware and antivirus together to prevent malware and security breaches