Personal devices have become ubiquitous, with the majority of the population having at least one device that can access the internet. Many businesses are taking advantage of this to implement bring your own device (BYOD) policies, allowing their employees to work — in-house or remotely — with their own devices. This can mean a reduction in IT costs and CapEx, while also ensuring that employees are always able to be contacted. However, there are a number of security risks that come with a BYOD program, including:
- Data loss
- Malware
- Unauthorized access
- Unsafe applications
Data Loss
Loss of data is the biggest priority for businesses with a BYOD program, according to 72% of respondents to Crowd Research Partners’ BYOD & Mobile Security 2016 Spotlight Report. Many companies deal with sensitive data for their clients, making this a top priority for IT departments. It is imperative that the IT department take personal devices into account and work to keep them as secure as possible.
Malware
A single infected device can compromise a business’s entire network, if given the access. Any device registered to a BYOD program should be kept up to date with its firewall, OS, and antivirus. The best way for a business to ensure this is to have policies and procedures in place that all employees are trained on and expected to adhere to. It is also important to have a VPN standing between the device and the network itself, to protect the network by ensuring that all transmitted data is secure and encrypted.
Unauthorized Access
The benefit of employees using their own devices is that they always have access to the network — but the drawback is that they always have access to the network. This means that if a device is lost or stolen, whoever has it next will also be able to connect to the network. PINs or passwords can help keep unauthorized users out, and devices should be registered with the IT department so they can be flagged as soon as they go missing.
Unsafe Applications
There are thousands of apps available for download, not all of which are from legitimate distributors. Like malware, apps can cause serious security breaches, especially in more vulnerable devices like mobile phones and tablets. A strong policy in place will help keep employees from downloading harmful apps, and businesses can also use virtual routing and forwarding (VRF) and virtual switching instance (VSI) environments to separate trusted traffic from untrusted.
Educated employees are the best defense against an unsuccessful BYOD program. Businesses should also monitor network activity and use guardian programs that can intelligently adapt to possible threats. This will ensure that the program is a success and allow the business the flexibility that BYOD can bring.