Tuesday, April 16, 2013
Firms must prioritize security to avoid BYOD disasters
By this point, most companies have reached the conclusion that bring your own device (BYOD) is here to stay. BYOD policies are extremely popular among employees, as workers generally prefer to use their own smartphones and tablets when working outside the office. And firms benefit as well, as BYOD can create a more flexible, productive workforce.
As BYOD becomes increasingly prevalent among companies in every industry, those organizations that are slow to leverage these strategies will be at significant risk of being outperformed by their rivals.
However, this does not mean that firms should pursue BYOD policies hastily. As industry expert Jeetu Patel, writing for Quartz, recently highlighted, a poorly considered BYOD policy can turn bring your own device into bring your own disaster.
To a significant degree, security issues in BYOD environments are closely connected to problematic employee expectations, according to Patel. He noted that workers generally want to maintain access to the collaboration tools which they are used to utilizing in the office. Yet there often are no IT-approved, secured alternatives available in this capacity.
Consequently, employees will turn to less safe options to achieve this level of usability. Because these apps and programs have not been vetted by the organization, they will also not be on the IT department's radar. This makes it difficult, or even impossible, for the firm to ensure that workers' devices remain protected.
Patel pointed out that when employees seek out workarounds, the solutions they settle on will not meet most IT departments' security standards. This, combined with the fact that employees' personal devices are designed for consumers, not enterprises, and therefore lack high-level security solutions, can put a firm's corporate data at risk in terms of loss or exposure.
Patel asserted that this state of affairs is increasingly leading workers to essentially "go rogue," using unapproved options to complete their work.
"The collective thinking among BYOD-empowered users appears to be: Ask for forgiveness, not permission," Patel observed.
This, of course, is tremendously problematic for companies, as the consequences of a data breach can be disastrous. Every file lost in such an event will likely cost the firm hundreds, if not thousands, of dollars, and the organization will quite possibly face regulatory discipline as well. Most importantly, companies that lose client data will be perceived as careless and may lose the trust of potential and existing customers, greatly damaging their bottom lines.
With all of this in mind, firms eager to take advantage of BYOD need to prioritize investment in the right tools. Specifically, organizations should seek out and deploy secure file sharing solutions that do not require significant effort on the part of users. If the security program essentially runs in the background, users will be far more willing to install and utilize it on their personal smartphones and tablets, thereby preserving the integrity of data accessed, sent and received on these devices.