Over the last decade, there has been a rising trend of companies implementing Bring Your Own Device (BYOD) policies for employees. According to employment site, Zippia, 83% of companies have a BYOD policy of some kind, most of which are employees using their own phones for work, but many also utilizing their own computers to conduct business. Among the benefits to the company of such a policy include: increased hours of work, increased employee productivity, and diminished equipment costs.
However, while it’s appealing for employees to use their own devicesappeal of BYOD toin the work environment is certainly appealing, the security risks associated with it can be significant if policies aren’t implemented.
Challenges of Bringing Your Own Device
The most prevalent devices that employees use are their phones. Risks with that can include:
- Downloading of unauthorized apps that allow access to photos, contacts and files
- Access to sensitive emails, contacts and files if lost or stolen
- Inability to delete company information if lost, stolen, or compromised
Less common, but more significant from a security perspective, are computers. The same security concerns that exist around phones are present along with the additional security issues of not being able to run checks or updates. Without the ability to automatically push updates or patches, users are more vulnerable to being infected with malware and other viruses, potentially doing further damage to the systems within the organization.
BYOD Security Solutions
If you’re going to allow employees to utilize their own devices for work purposes, guidelines need to be implemented surrounding the equipment with the ability to check if they are being followed. Some of the action items may include setting up security protocols and agreements, password requirements, plus IT permissions and allowances, to name a few. Forbes provides some sound policy recommendations in their article here, and as we’ve noted in the past, the human element is often the weakest link in the security of your systems.
For solutions like this, you can lean on an IT consulting organization to develop and implement sound policies, or review your existing ones. Services like our vCISO partnerships enable you to contract with an expert to build those protocols and work with your HR to implement and ensure compliance. For more information on our vCISO services, check out our post here.
In Summary
While the savings and increased productivity of BYOD may be appealing, if security concerns are not addressed, the full cost could be extremely damaging to your organization.