How BYOD risks can be overcome

Image: gradyreese via iStock

Organisations have a number of concerns about BYOD that prevent them from implementing the policy, but these can be overcome with careful strategies.

Bring your own device (BYOD) policies have become common in many workplaces. Being able to bring their own smartphones, tablets and laptops into work can result in employees increasing productivity, a definite positive for any company.

However, a number of criticisms around the concept have been voiced, often related to the issue of security. Here, we take a look at these objections and how they can be overcome.

Data breaches

Over half of the respondents to Crowd Research Partners’ ‘2016 BYOD and Mobile Security Report’ said that BYOD policies increased employees’ productivity and satisfaction, but 70 per cent said that they had concerns about data breaches.

This has been a long-running complaint about BYOD policies. When companies are dealing with sensitive information – a list of customers’ details, for example – the stakes are certainly high. However, with the right rules in place, this can be greatly minimised.

Companies need to establish specific guidelines for the use of devices that have access to this type of information. When there are boundaries around what can be done with work-related material, employees are likely to adhere to them. Placing your trust in your staff could also have the added effect of making them feel respected and valued, which can in turn increase productivity levels.

Lost or stolen devices can cause companies to worry about their data being breached. In this case, it is essential that encryption features have been implemented. Businesses should consider deploying a Mobile Device Management (MDM) solution to secure all mobile devices.

Viruses

Allowing employees to use their own devices could potentially open businesses up to viruses. This could happen when the employee unknowingly opens a malicious email or visits a website that will then infect their device.

Using their laptops or tablets at home as personal devices can increase this risk. Again, this is where a set of rules prohibiting certain behaviours will be needed. Companies could compile a list of websites that should be avoided and ensure that email servers are the most secure available.

Holger Schulze, founder of the Information Security Community on LinkedIn, explained: “There is a balance to be struck between security from a company’s perspective in terms of locking down a device against malware, against use of unsecured and untrusted Wi-Fi networks, against content or sites that can be accessed, and the balance on the other side of keeping the device open and useful for the employee.”

The right anti-virus protection and firewalls will also help to negate any risk of infection. This will keep employees’ devices secure and have the resulting effect of keeping the firm’s network clear of any threats.

Whistleblowing

BYOD policies bring with it the risk of whistleblowing from unhappy employees. This is not a risk that can be mitigated by security software but rather by the values and operations of the corporation.

Employees who have access to company information on their own devices are easily able to share this with industry watchdogs or the media if they choose to.

A change to the culture of companies might be necessary in order to prevent whistleblowing. This could be alterations to the way in which complaints are dealt with or making sure that all members of the organisation know the process involved and what the consequences might be.

Employees’ wellbeing

Although most worries about BYOD revolve around the employer’s security, the policy can present potential problems to the employee.

When carrying out work activities on personal devices, it becomes easy for employees to keep working when they are off the clock. This could end up causing distress to the people concerned since they may not be able to ignore their devices, keeping them working far longer than they should.

It becomes necessary for businesses to take the lead and encourage their staff members to finish working when they have completed their activities for the day.

BYOD can offer businesses huge advantages when carried out properly, including lower spending on IT and the chance for employees to be more flexible with their work, which can increase productivity.

Dermot Hayden, country manager at security specialists Sophos, said: “While BYOD can be a great benefit to organisations, it can also introduce a number of risks so identifying them and introducing appropriate controls is an important step that must be taken to protect your business against any malicious attacks and security breaches.”

To minimise any risks involved with BYOD, employers need to manage the policy. They should implement guidelines that allow employees to use their devices recreationally in a secure manner. With the right assistance, this can certainly be achieved.

At Arrow, we could provide your firm with the necessary Mobile Device Management to monitor and control all mobile devices accessing your network.