The thought of users bringing their own devices to work (BYOD) is enough to keep any IT manager up at night. While BYOD increases productivity, IT pros know BYOD users expose their organization to huge security vulnerabilities.
If your organization has already embraced BYOD, you know the challenges of enforcing company security policies on a user’s personal device. For all parties involved, there is hope! Many tech providers offer BYOD security solutions that address security vulnerabilities while satisfying user privacy. Here are the ways your organization can address the five biggest BYOD security risks.
A user who does not understand their company’s BYOD security policy is an instant vulnerability. To make matters worse, less than half of all companies that allow BYOD have a policy in place. “You can set up security across your network, but how effective will it be without policy?” says Jeff Hunt, Cisco Sales Engineer for D&H Distributing and network security expert. “Policy is a big part of BYOD, and it’s the part many people forget.”
User Tip: Reviewing your company’s BYOD security policy will inform you of your rights, responsibilities and give you an opportunity to ask meaningful questions about acceptable device use. Is your company’s policy to restrictive or too vague? Now is the time to ask.
IT Pro Solution: Make sure your organization’s BYOD security policy is something the employee can agree with and buy into. The policy should spell out employee’s rights and responsibilities, determine acceptable device use and specify what the business will access (or not access). It should also define the procedure for when a device goes missing or when an employee leaves the company.
Lost or stolen devices
Over 60 percent of network breaches are due to a lost or stolen device. This would be your worst-case scenario because a single missing device containing sensitive data is enough to jeopardize the entire business.
User Tip: Protect all of your devices with multifactor authentication (MFA). The more obstacles a potential thief faces, the greater chance your company’s data remains protected.
IT Pro Solution: An Mobile Device Management (MDM) solution plays an important role in BYOD security because it gives admins the ability to lock or wipe a device in case of emergency or when an employee leaves the company.
“The convenience that allows people to do their jobs gives others the same convenience to intercept their data,” Hunt says. Free public Wi-Fi in the airport coffee shop is convenient, but its unsecure wireless network puts your company’s data at risk. 40 percent of mobile devices used for work get exposed to an attack in the first four months of use.
User Tip: Stay out of harm’s way by connecting to a company VPN connection, a private Wi-Fi connection or a tethered mobile phone network. Each of these secure network options offers better protection.
IT Pro Solution: Deploy a solution that lets you create a unique security profile for each end user. Profiling helps you tailor a unique security solution to each user that is designed to fit their needs while satisfying your organization’s overall security demands. A solution like Cisco Identity Services Engine (ISE) lets you customize security policies based on the type of user, where they are, what device they are on and the time of day.
The number one mobile security concern among IT pros is users downloading apps infiltrated with malicious malware code. A free flashlight app you downloaded is helpful when you drop your car keys in the parking lot, but there is also a chance it’s even more helpful to the cybercriminal who’s secretly using it to access your device.
User Tip: Avoid ‘jailbreaking’ or ‘rooting’ your device (installing unapproved apps or making unauthorized customizations) on your device because it opens up new vulnerabilities by bypassing built-in security features.
IT Pro Solution: With a Mobile Application Management system, you can customize controls based on how apps are used, the type of user, the application, the network or the time of day. You can also specify which apps are approved and which ones are banned. With Citrix XenMobile, you can set up their own enterprise app store, where users can download custom-made enterprise apps or approved third-party apps to their devices.
Unsecure data transfer
“The IT world is a control-oriented field,” Hunt says, “Unfortunately, the more wide-open you leave things, the harder it is to control it.” Without protections, all of the data on your device — including emails, messages and photos — could be intercepted. Controlling the flow of data to-and-from a user’s device can prevent a costly data breach, which cost companies an average of $3.79 million in 2015.
User Tip: Encryption is one of the best ways to protect data in transit because it encodes your data and the only way to decode it is to have the right key. Taking 30 seconds to set up a PIN code or password on your iPhone not only protects your device, but it also activates data encryption automatically. If you have an Android device, you can access your security settings to enable encryption.
IT Pro Solution: Use a Mobile Content Management (MCM) to separate company resources from user data with ‘containers’. This type of control lets you manage secure company data while keeping user information private.
The complete solution
If individual solutions aren’t enough to eliminate your vulnerabilities, a single Enterprise Mobility Management (EMM) contains MDM, MCM, MAM solutions and user profiling while offering full endpoint security. Consider EMM solutions like Cisco Meraki, which offers control over the entire BYOD environment, or VMWare’s AirWatch, where admins can easily monitor their network through a web-based console.
Choosing your path
As the demand for BYOD increases, you need to weigh which security strategies are right for your organization. Allowing BYOD at your workplace without security measures will cost you in the long run. We at CCB know that each business has unique security needs. Let us know how we can help you find the right BYOD security solution that protects your company’s data and your employees’ trust.