BYOD use ‘increases risk of cyber security incidents in SMEs’
Published On: May 23, 2018 |
Small businesses employing a bring your own device (BYOD) policy are more likely to experience a cyber security incident, new research from Paymentsense has found.
The firm found that 61 per cent of SMEs have experienced a cyber security incident since introducing a BYOD policy.
According to Paymentsense, BYOD schemes are common among small businesses of all sizes, but larger SMEs are more likely to have introduced such a policy. For microbusinesses of up to ten staff, the rate is 40 per cent. This increases to 51 per cent for businesses of between 51 and 100 people, rising to 69 per cent of businesses comprising 101 to 250 people.
However, as the popularity of BYOD grows, so does the risk of cyber security issues. The most common cyber security incident suffered by respondents over the last 12 months was malware, which affected 65 per cent of SMEs. This was followed by viruses (42 per cent), distributed denial of service (26 per cent), data theft (24 per cent) and phishing (23 per cent).
Chafic Badr, head of digital at Paymentsense, said: “As with all cyber security issues, the biggest factor is the human one – employees need to be aware of their responsibilities and the risks associated with a BYOD system.”
He explained that this is particularly important in the age of the General Data Protection Regulation.
Mr Badr added: “Business owners should create concise guidelines to help staff use best security practices in their daily activities – both within the office and outside. It’s also worth remembering that when mobile device users are away from work, susceptibility to threats such as phishing tends to increase.”
According to Mr Badr, regular engagement and communication with staff at all levels is important. Business owners cannot afford to assume all staff will educate themselves to the right standard.
He highlighted the fact that “if mistakes are made”, an incident response plan clarifies responsibilities and ensures timely action is taken to contain and control the situation.
Share This Post, Choose Your Platform!
With over 20 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.