It may appear at first blush to be a more favorable option than utilizing mobile device management (MDM) of company property, but Bring Your Own Device or BYOD trend has some not-so-obvious risks associated with it. Perhaps surprising to many C-Suite executives, they are the very risks that MDM (and BYOD as a short-cut “fix”) is designed to eliminate. It’s not going to come as welcome news that if you have implemented a BYOD policy over, say, the last six months or year, that the very issues you were hoping to eliminate may likely still be present when having employees bring their own mobile devices to work on and from. Here are the most noteworthy risks associated with BYOD:
- Data Leaks. With the flurry of smartpads, tablets, and new-fangled smart phones with all of their high-traffic apps, it’s actually more likely than ever that your BYOD employees will somehow allow the sensitive company data they traffic in and communicate to be picked up by hackers and other “data leeches” picking up on signals that aren’t properly protected by access permissions and restrictions. If you are going to allow a flurry of mobile devices in your workplace, it’s highly-important to have your IT department at least providing employees stricter encryption keys and passwords, with account and permissions control when they are dealing in vital company trade secrets and data. Think: Hillary Clinton and unsecured email servers.
- Security Vulnerabilities. In a BYOD situation, you are likely forgoing the cost of sound mobile device management, and relying on the promise of employee loyalty more than strict security controls. This is a mistake, because the most all of the same security vulnerabilities will be present by having your employees use their own devices to traffic company data – perhaps even more so. A 2013 Mobile Security Study performed by Hewlett-Packard found that 97% of the employee devices analyzed by the study were found to have at least one glaring security vulnerability. Implementing VPN connections and other account controls and access will take mobile security risks down significantly.
- Infrastructure Compliance Failure. Controlling what applications are allowed to interact with your company network is absolutely essential to overall IT security. With a slew of unchecked, unassigned mobile devices floating around your workplace – combine that with the lack of morale and loyalty many workers in the U.S. and abroad are feeling these days – you have a recipe for a data breach disaster. Your IT department heads should use specific permissions for each user interface, and be able track those interactions on a session by session level with user access privileges control and identification of traffic to and from your IT infrastructure.
Contact our expert IT staff at (978) 528-0110 or send us an email at firstname.lastname@example.org if you have any concerns about BYOD and security vulnerabilities in your workplace, and we will be happy to answer any and all your questions. Radius Executive IT Solutions is the leader in providing managed IT services in Boston and throughout New England.