Thursday, February 21, 2013
BYOD security an issue for employees at all levels - including executives
One of the most significant technological trends of recent years has been the evolution of bring your own device (BYOD) policies. As little as five years ago, the notion that employees would use their personal computers, smartphones and tablets for work-related functions was largely seen as unfeasible, extreme and unnecessary.
This is no longer the case. The computing power of personal devices has increased tremendously in a short time, making it entirely possible for employees to work via these mediums. Additionally, smartphones and tablets have become plentiful, with the majority of workers owning one or more of these devices.
To meet demand and maximize flexibility and productivity, many companies have implemented BYOD policies in recent times. However, as many IT experts have noted, these policies often present major security risks for the organization.
However, what is often less well-recognized is that these risks do not apply solely to the general population of workers. On the contrary, the danger must be accounted for at all levels of the company, including executives, as CSO recently highlighted.
An equal-opportunity risk
Speaking to the news source, Ben Haines, CIO at a major brewery, noted that he was shocked by the BYOD policy as applied by corporate executives when he first began work with the company.
"When I started here a year ago, we had execs with an iPhones or iPads and they'd bring it in and hook it up and walk around with it," said Haines, the news source reported.
After Haines explained the inherent security risks of conducting business in this way without sufficient data protection strategies, the executives altered their practices, the news source noted. However, this incident reflects a frequently overlooked issue: many executives are either unaware of or underestimate the seriousness of security problems when it comes to BYOD.
Andrew Borg, an analyst for the research firm Aberdeen, told the news source that the problem is that executives are much quicker to acknowledge the competitive edge provided by BYOD solutions than they are to recognize the risks these policies entail. As a result, many executives advocate and develop BYOD policies that do not provide sufficient data security for the company.
Borg added that a compliance lapse involving an unprotected device can cost a company as much as $460,000, the news source noted.
Another reason why unsecured executive BYOD use is particularly problematic is that employees take many of their behavior cues from corporate leaders. If executives are engaging in risky BYOD behavior, many other workers will likely assume that this practice is perfectly acceptable and less risky than it actually is.
To overcome this problem, executives must prioritize secure file transfer solutions for any BYOD policy. By investing in this technology and emphasizing its use, executives will not only make their own devices more secure, but also encourage greater security throughout the business.