Combating The Risk Of BYOD Culture
Nov 07, 2014
Not all that long ago the practice of using personal devices at work was frowned upon in many workplaces.
It was viewed as a threat to productivity, a threat to security and a barrier to effective quality control and monitoring. Fast forward to today and the sentiment towards utilising personal devices for work has well and truly shifted. A large number of companies these days not only allow personal devices, but actively encourage or mandate it.
The benefits are clear. Employees like to work on familiar machines, they can work anywhere, any time and it saves money. That is not to say that the culture of 'BYOD' (bring your own device) is without it's risks. With the widespread use of cloud computing, employees can access sensitive company data from anywhere.
There are several potential issues that emerge from using cloud applications and user owned devices. Of particular concern, is what happens when an employee leaves a company. It emerged recently that less than half of all companies have any safeguards or procedure for dealing with a terminated employee, and the data they may take with them, perhaps even without knowing. It also recently emerged that more than half of businesses had discovered a terminated employing attempting to access their systems in the past.
Lost or stolen devices are another huge threat to security. When those devices are personal and not contained within an office the risk of loss or theft increases dramatically. Combine that with the fact that employees may not use robust and varied passwords across different services and devices, and it is easy to see just how quickly a security can be compromised.
What can be done to combat the threats outlined above?
1. Training. This is vitally important. The number one threat to security remains human error. Develop procedures to minimise risks. Educate employees and make sure they act in accordance with company policy.
2. Two factor authentication. This can be a pain but it really is worth it for protecting your most sensitive data.
3. Remote Access. Being able to wipe a device remotely should it fall into the wrong hands can often prove to be an invaluable tool.
4. Automatic back up. Running an automatic back up system ensures that data is never lost, even if a device is lost or stolen.