With the rise in the use of smart devices, the lines are blurring between personal and work-related activity for employees outside the office. Companies are rarely issuing separate mobile phones and tablets to employees for exclusive work use and instead, letting employees conduct company business on the go on their own devices – convenient, yes, but fraught with problems.
Formally known as BYOD, or “bring your own device,” this practice is regarded as granting employees the ability to use their personal mobile devices, such as smart phones or tablets, to access company networks and sensitive business data. Employees are exchanging confidential emails with colleagues or clients, sending and receiving proprietary documents or files, and having private phone conversations about company business on their personal mobile devices.
Certainly, BYOD offers a number of benefits – increased job efficiency, timeliness, convenience, even job satisfaction – but it can also expose the company from several angles.
The three most prevalent concerns related to BYOD are ownership, policy considerations, and security.
Personal Device Ownership
When people are asked to use their own devices to access highly sensitive information, an overlap is bound to occur. That is, who really owns the content? This is where it’s hard to draw a clear and distinct line from the standpoint of administrative control.
By allowing the use of your own device for work, the company is handing you a pretty hefty amount of control, but they expect you to know what to do with it. While employees should get extensive training on this practice, many companies simply don’t take the time or make the effort to prioritize this.
Training is needed to ensure that work data will not be merged with the employee’s own personal data and that a non-employee, such as the user’s family or friends, will not gain access to this data if the device were to fall into their hands.
BYOD Policy Considerations
Like training, companies are also failing to develop actual policies around BYOD practices. It only takes one employee and their lax standards for company privacy to cause a business’ data to be compromised.
Your BYOD policy needs to be clear and to the point. Some things to consider in establishing a BYOD policy for your company:
- Ensure that your policies cover all types of devices, from iPhones to Android devices
- Implement a secure login system and require that employees leave their mobile devices locked when not in use
- Determine how employee devices may be serviced when they have technology issues to prevent professional tech experts from accessing your company data
- Determine who owns what data and apps on a personal device
- Decide what apps and programs are not allowed to be downloaded because of the security risk associated with them
- Establish clear practices for when an employee is terminated or resigns and how company data on their personal devices will be removed
The point of BYOD is not to patrol user activity but to increase efficiency. Ensure that your employees know your policies and receive training on the importance of compliance.
As we have come to know, cyber criminals are out for intellectual property and the hacker may be inside your own company. Employees are often the biggest threat to a company’s security because of their access and understanding of what valuable data is held. They also know where to traffic the information they steal and often how to cover their tracks.
Compounding the problem is the careless employee where their personal devices are lost or stolen, and fall into the wrong hands. Security measures must be in place to combat unauthorized access to company information stored on an employee’s device. A successful BYOD policy takes all potential scenarios into consideration and has responses, or designated actions, in place before the problem arises.
The key is to think about how an employee behaves outside the office and how a hacker thinks when it comes to mobile devices that are used for business purposes.
Try Our 30-Day Free Netlokr Trial
Netlokr is a brand new product that replaces vulnerable passwords with a patented photo technology and combines it with a cloud-based cybervault, which allows you to conduct private messaging, file sharing and file storage in a complete secure environment. It takes your communications off of other networks such as Microsoft and protects them from ransomware and hackers. Register now, no credit card needed: https://18.104.22.168/free-trial.