BYOD in the age of rising cyber security concerns

BYOD in the age of rising cyber security concerns [Image: PeopleImages via iStock]

Companies are increasingly adopting more flexible working, with many of them allowing their employees to work remotely. This has in turn led to a rise in the number of personal devices being used for work purposes.

Bring your own device (BYOD) policies allow members of staff to get work done while on the move or if they’re caught up and unable to get into the office for whatever reason.

However, it’s not just their own homes or cafes where employees choose to use their personal devices to work. Many businesses are now allowing staff members to use their own smartphones, tablets and laptops to carry out their duties while actually in the office.

This is largely because business leaders are aware of the productivity benefits of allowing their workers to use devices they are already familiar with and have previously set up. It also results in significant cost savings for companies as they don’t have to purchase any of the expensive equipment their employees require to do their jobs.

Challenges of introducing BYOD policies

However, there are numerous security concerns that prevent businesses being able to fully embrace the BYOD trend. Employees using their own devices presents the risk of your organisation losing visibility over enterprise data. The threat of stolen or lost devices is also significant.

Data protection is one of the most serious issues facing businesses today, particularly due to the incoming General Data Protection Regulation (GDPR). When it comes into force in May 2018, GDPR will mean companies are going to have to pay more attention to keeping their data – and that of their customers – secure or they will face huge fines.

So many people using their own devices for work purposes could potentially pose a problem to the protection of data. Businesses therefore need to make sure they are focusing their attentions on keeping everyone’s sensitive information secure.

This is why the data protection market is expected to reach $119.95 billion (£86 billion) by 2022, rising from $57.22 billion in 2017. Research by ReportsnReports has found that these solutions include data backup and recovery, data archiving and eDiscovery, disaster recovery, encryption, tokenisation, data loss prevention, identity and access management and compliance management.

Companies not securing data

However, huge numbers of companies are not taking the necessary precautions and are therefore leaving themselves open to attacks.

A recent report by data protection company Bitglass found that one in four organisations are not enforcing any form of multi-factor authentication in their BYOD policies. According to the report authors, cyber attackers using compromised passwords to gain access to networks through single-factor authentication have caused a number of high-profile data breaches.

Rich Campagna, CEO of Bitglass, explained: “Enterprises often misjudge the effectiveness of traditional security solutions, many of which are readily bypassed. The BYOD boom exposes organisations to risks that can only be mitigated with next-gen, data-centric solutions that secure access.”

His firm’s report also found that unmanaged device access is a major concern for 40 per cent of those surveyed, which emphasises the need for protecting data beyond the corporate network. The right mobile data management system is essential to keeping sensitive company information secure when employees use their own devices.

Companies will need to ensure they are keeping an eye on all potential threats to their data security if they have introduced a BYOD policy. Only when they are aware of all possible risks will they be able to keep their data secure.