With the explosion in affordable mobile devices like smartphones, tablets, personal laptops, and even smartwatches, many businesses have or are in the process of implementing a bring your own device (BYOD) policy. Software company Code 42 reveals in their 2016 Datastrophe Study that 67% of IT decision makers and 87% of CIOs and CISOs believe that they have a clear and comprehensive policy.
However, end users do not share that belief: 67% of employees find their BYOD policy is unclear. This divide between IT professionals and end users can have consequences within the organization, especially when it comes to security.
The Increase in Employee Endpoint Devices
In the past, employees used a single device, usually one that is stationary and connected to their organization’s IT-maintained firewall. Now, however, many employees use multiple mobile devices: 26% have a minimum of two devices from their employer, and 5% have five or more.
This means that businesses need a clear, concise BYOD policy that all employees must adhere to in order to maintain a level of security. According to the Institute for Critical Infrastructure Technology, unsecure mobile devices are especially susceptible to ransomware. Backup and recovery solutions will help with this, but a clear BYOD policy will help stop problems at the endpoint — before they happen.
Working with Employees
The convenience of BYOD is one of its biggest selling points, but it also means that the devices are not under the full control of IT professionals. IT professionals need to work with employees, which means not only training them to consider security alongside flexibility, but also taking into account the habits and needs of their end users. Monitoring and tracking employee behavior will help IT understand what apps are being accessed, how safe they are, and whether or not they should be allowed within the company environment. A clear policy will also help employees understand what personal data they can mix with their business data.
Education and Communication
Uneducated employees often have bad habits that can harm a business’s security, but because they haven’t had the proper training, they don’t know that these habits can compromise their devices. Education and open communication is key to changing bad habits and improving security at all levels. At the same time, IT professionals need to be flexible so that they can adapt to ever-changing technology and the working environment.
Although it may seem like a lot of work, especially for an already established business with multiple employees, a clear BYOD policy will ensure better security and less confusion. Educating and communicating with employees will reduce the risk of ransomware at the end point and help eradicate bad habits, without sacrificing flexibility.