Thursday, June 13, 2013
Unsupported BYOD is a recipe for disaster
Failure to support BYOD puts companies at significant risk of a data breach.
Bring your own device (BYOD) is one of the most important IT trends to develop in recent years. Employees in every industry are now using their personal smartphones and tablets to conduct work-related tasks while at home, on the road or elsewhere. This greatly increases productivity as workers become more flexible and agile. The policy is also extremely popular with workers, meaning that those firms which implement BYOD are better able to retain a skilled workforce, whereas those that don't may struggle to attract talented young workers who have come to expect this option.
However, with all of that said, there are undoubtedly risks involved with the embrace of BYOD policies. Most notably, companies are wary of the additional security risks that these operations entail. When employees are allowed to use their personal mobile devices to access, store, send and receive sensitive corporate data, the risk of these files falling into an unauthorized user's hands increases significantly. Such a data breach can have devastating consequences, including a damaged reputation and the loss of intellectual property.
For this reason, a significant number of companies have simply forbidden BYOD. Yet while this may seem like a safer solution, in reality, it is actually extremely dangerous.
BYOD, one way or another
The problem with a strict no-BYOD policy is that it is becoming increasingly unrealistic. The more companies that adopt BYOD, the more that employees will expect to be able to use their personal mobile devices for work. If this expectation is thwarted, workers will have a variety of reactions. Obviously, some, and hopefully most, will abide by the policy and avoid using their devices in this capacity. However, many others will resent such a restriction and, as a result, will be far more likely to ignore it. They will use their personal devices for work with or without official approval.
This is a major problem for companies because it reduces the oversight of these devices. It is already extremely difficult for firms' IT departments to effectively manage security in a BYOD environment. If the devices are being used without approval, and therefore without the IT department's knowledge, the risks are exponentially increased. Workers pursuing BYOD without approval are less likely to install and maintain antivirus and antimalware measures on their devices, and they are more likely to use insecure methods for sending and receiving files.
To avoid this result, businesses should acknowledge the fact that BYOD is here to stay. Realistically, only those firms responsible for the most extremely sensitive information, such as certain government agencies, can justify ignoring BYOD.
Next, these organizations must invest in secure file sharing solutions designed specifically for BYOD environments. This is a critical step, as without easy-to-use, secure tools in place, employees are likely to resort to less burdensome, more risky options.
By making secure file sharing options readily available and actively supporting their use, business leaders can ensure that their employees enjoy the benefits of BYOD without additional risk.