The last time we wrote about this topic, we urged “Please don’t, but if you must”– since then, it’s become clear that bring your own device (BYOD) policies aren’t going anywhere. While BYOD still carries with it a great deal of security risks that could leave your organization vulnerable, let’s focus on how it’s possible to enact BYOD in 2020 while keeping your employees productive and data secure.
The state of BYOD in 2020
According to Frost & Sullivan, using portable devices for work tasks saves employees 58 minutes per day. The same study shows that this approach to working lets staff utilize the benefits of greater flexibility, collaboration, and work-life balance to improve productivity by up to 34%
What does a 34% improvement in productivity really look like? It might be hard to quantify, but think of how commonplace it is now to check your inbox and Slack messages while commuting before even getting to the office. The actual work day now starts before we get to the office for many workers.
In 2020, it’s clear there is a mounting “always-on” expectation for employees. According to Samsung, 61% of organizations expect employees to be available remotely, even if they don’t provide a company phone.
Heading out early on Friday for a long weekend? Doctor’s appointment in the middle of the day? Situations that perhaps would have required taking time off 10 years ago now are more seamless thanks to being able to easily access work applications from a smartphone to work on-the-go.
A balancing act between productivity and security
Enacting a BYOD policy means employees are going to access sensitive business content from the same devices they are checking social media, browsing the web, and communicating with friends. These apps can pose a significant risk because many are unsecured.
So companies can find themselves in the middle of a balancing act–trying to strike the right balance as employees want the convenience afforded by a BYOD policy but the risks associated with increased mobile endpoints and potential exposed data can keep IT managers up at night.
The risks associated with BYOD and how to prevent them
Lost or stolen devices
Almost every company is just one stolen laptop away from a data breach–particularly if hackers are able to gain access to sensitive information.
Solution: To prevent this, specialized mobile device management (MDM) software can be deployed to wipe devices remotely if they’re left behind or stolen.
Network Security
Free public Wi-Fi is convenient when you need to work remotely on the go at the coffee shop, airport, or anywhere in between. However, these networks put your company’s data at risk. This is because hackers have the ability to position themselves between you and the connection point for what’s called a man-in-the-middle attack.
Solution: If working in public spaces is unavoidable, consider a VPN for your team–especially for those with access to sensitive information.
Malicious applications
Devices that allow push notifications or enable location-based services could lead to compromised device integrity. Additionally, malware on mobile devices may be more difficult to detect, because it can mimic popular and legitimate apps.
Solution: With a Mobile Application Management system, you can customize controls based on how apps are used, the type of user, the application, the network or the time of day. You can also specify which apps are approved and which ones are banned.
Data transfer
All of the data on a device could be intercepted without the proper protections in place. It’s imperative to have the proper controls in place around the flow of data.
Solution: Encryption is one of the best ways to protect data because it encodes your data and the only way to decode it is to have the right key. Something as simple as setting up a PIN on your iPhone activates data encryption automatically.
Must-Haves for BYOD at any SMB
Every device used to access the company systems are yet another endpoint to secure, so one way of reducing risk is to ensure you have a mobile device management (MDM) solution in place. MDM provides an enhanced level of control over even employee-owned devices, mitigates the risks with stolen devices, and segregates corporate applications from personal applications.
Beyond MDM solutions, organizations must think about the actual mobile device security policy for BYOD itself and the most effective way to communicate and implement it. Educating employees about the risks their personal devices can create is a crucial step in protecting against data breaches.
The BYOD reality for most organizations
The most likely outcome for organizations now seems to be using BYOD to augment, rather than replace their traditional way of working. For example, this could involve employees having a company-issued laptop while enacting BYOD for mobile devices to aid in remote working.
The relationship between IT departments and BYOD is also subject to change as more employees start using more of their own devices at work. With 5G networks rolling out and enabling a future with more connected devices than ever before, it will be important to keep a mobile device security policy up-to-date to keep organizations secure.
Figuring out all your bases to cover is not an easy process to navigate, and that’s why Electric is here to support your SMB. Electric can work closely with your organization to help you find the right solutions to meet the specific needs of your business.