Bring Your Own Disease (BYOD)
With increasing demand for flexible working, a shift from company owned devices to employees bringing their own devices to the workplace has now definitely arrived. Bring your own device (BYOD) introduces huge risks to IT departments and businesses as a whole.
BYOD has caused a shift where users personal devices are interfacing with corporate data. This puts added stress on businesses to comply with policies and create a decent privilege level.
The toughest challenges sit within SME’s who don’t have the resources or knowledge to secure the data.
BYOD is attractive as there is a saving on hardware and it empowers employees, there are added security risks to look at.
With this in mind staff and data security policies should be top priority for any organisation & ensuring your systems are secure is more important than ever.
These are the Top 3 Threats to BYOD
- User Control – Some users have more knowledge than others in IT, this gives them enough knowledge to be dangerous. They can install custom ROMs or Operating systems on the devices. They can download applications that are infested with malware. Or cracked copies of software and illegal Warez downloads which will put your compliance and security at risk.
- Data Loss – Users that have emails on phones or data on laptops are able to hold the data in insecure locations. They are also susceptible to having devices stolen or lost creating a loss of data.
- Compliance – Bring your own device has inherent compliance risks, how are you going to make sure users are only doing what they are meant to be doing and how far can you look on the devices to see what employees are doing? These are all questions on how you implement your company policies.
One way to get around various BYOD related threats is by moving your data and software to the cloud. There are no issues with software versions or updates. Also if a device is stolen, Data is not lost as there is no data on the device, you can just disable credentials and revoke device access.
However, you will still be at the mercy of a rogue user if they decide to move data onto their devices.