BYOD Security: 4 Critical Issues

IDG-CIO-CISO-Research-Infographic_10.5-2-1024x412

  In 2015, Seventy four percent of IT leaders from global enterprises reported that their organizations have experienced a data breach as a result of a mobile security issue according to a report from IDG Research (Source).  74%… It’s a sobering thought to many business owners and IT experts knowing that their data could be lost at any time due to an employee’s mobile device.  BYOD brings incredible increases in productivity to the workplace (Up to 81 minutes per week according to this Cisco study: Link), but it also can expose organizations to a number of security risks.  Here are five of the most critical BYOD issues that your organization should address.

 

Lost or Stolen Devices

The biggest risk that IT departments fear is when employee’s devices are lost or stolen. Sixty eight percent of data breaches occur when devices are lost or stolen (Source: Bitglass), so it’s critical that companies implement encryption tactics to ensure that the device is secure against threats. A simple but effective way to ensure that employees secure their device is by prompting them to use even basic security features like using a pin code.

Those employees who don’t keep their devices up to date are at further risk of being targeted by hackers. This includes mobile operating systems as well as apps installed on the device.

 

Poor Communication

A user who does not understand their company’s BYOD security policy is an instant vulnerability. To make matters worse, less than half of all companies that allow BYOD have a policy in place. “You can set up security across your network, but how effective will it be without policy?” says Jeff Hunt, Cisco Sales Engineer for D&H Distributing and network security expert. “Policy is a big part of BYOD, and it’s the part many people forget.”

Make sure that your BYOD security policy is clearly defined and easily accessible for all employees. Users need to understand the policies, what their boundaries are and what happens if these are violated.

 

Apps Containing Malware

Another mobile security concern among your IT department is your employees downloading applications infected with Malware.  Users are downloading easily corruptable mobile apps and connecting to external Wi-Fi spots without having the correct security protocols in place allowing their infected devices access to your network.

Jailbreaking a device can make it even easier for malicious code to corrupt your data because it opens up vulnerabilities by getting around built-in security features.

 

Unsecure Networks

The IDG Research study also found that 82% of organizations have the majority of their corporate data accessible via mobile device (Source).  “The convenience that allows people to do their jobs gives others the same convenience to intercept their data,” Hunt says.  Allowing your employees to take their work with them wherever they go via mobile device can lead to increased productivity, but the free Wi-Fi at the cafe down the street is an unsecure network where your company’s data can be stolen.

Connecting to a company VPN, a private Wi-Fi network or a tethered mobile phone network will provide a much safer option that provides better protection.

IDG-CIO-CISO-Research-Infographic_10.5-1-1024x367