BYOD

Keys to Mobile Security

Mobile Security.png

Business mobility is sitting high up the priority list for CIOs in 2019. New research shows 64 percent of enterprises rank improving mobility and mobile security as a top priority. They see mobile access as key to improving employee talent, internal communication, making decisions faster and cutting costs. Mobility, however, comes with challenges. Top of that list is security.

Worries include:

  • Data leak prevention

  • Intrusion detection and prevention

  • Managing access to data

  • Preventing data loss when devices are lost

The concerns of IT leaders are easily justified. 82% of those surveyed said mobile devices can access most of their corporate data. As more enterprises introduce bring-your-own-device policies, more data will be put at risk.

88% of Android devices are vulnerable

University of Cambridge computer scientists recently found that the infrequent release and user reluctance of security updates for Android devices has left 88 percent of them vulnerable to at least one of 11 critical security flaws.

Apple is not in the clear either. The nature of iOS makes it hard for the same analysis to be done on iPhones and iPads, but the researchers said they expected the same level of vulnerability in the Apple ecosystem.

The sources of the danger

An employee downloads something infected with malware or connects to an unsecured WiFi network. The routes to compromise are many and easy to conceive. Once the malware is installed, it begins hunting for or capturing corporate data using the device’s access.

The greatest concern in these scenarios is the general lack of visibility that IT administrators have into potential mobile security issues. Most malware cases go unnoticed until it is too late.

Mitigating risk

Given that the growth in mobile usage is unstoppable (desirable, in fact), mitigation of risk is the only remaining approach.

A separate network for BYOD devices gives you a checkpoint to make sure personal devices and mobile apps are validated. A master security policy can set out exactly what information mobile devices can access. Secure mobile access solutions with context-aware authentication, network access controls and a virtual private network help keep access to only authorized users and mobile apps located on validated devices.

Also:

  1. If you develop and deploy your own enterprise apps, put them through a security vetting process

  2. Treat mobiles like laptops permanently connected to a network outside your control

  3. Know what applications your staff use to access your data

  4. Where possible, encrypt data at both ends of the transaction

  5. Protect data first and the device second. (Your mobile data management system should allow you to wipe a device remotely. Losing data on a server is a far bigger headache — loss of business, furious customers, lawsuits…)

We are here for your security needs!

Name *
Name

We Value Your Feedback

Was this information helpful?
Wast this an interesting read?
CurrentTech_Horizontal.jpg

Pros VS. Cons of a Bring Your Own Device Policy

BYOD.png

Securing Your BYOD Policy


Work practices have undergone a revolution in the digital age. Networked devices and more mobility have blurred the line between work and home as vast numbers of people perform their jobs across multiple platforms, often far from the office.

An accompanying phenomenon is the bring your own device (BYOD) policy which allows employees to use their own laptops and smartphones in the office or, alternatively, to use those devices to work from home.

BYOD has its pros and cons, and organizations that already have a policy in place or are contemplating implementing one need to tick some boxes to make sure it runs as smoothly, and most importantly, securely as possible.

The Good

BYOD has obvious advantages for staff who like the convenience and familiarity of working on their own devices. It could also lead to productivity gains, as users have an affinity for their own personal devices and how they use them.

Personal laptops, tablets, and smartphones are usually more cutting edge, given that companies often don’t update their desktops for years on end. BYOD also allows staff to carry only one or two devices around with them, rather than different ones for work and personal use.

BYOD policies can save organizations money, as they don’t have to spend as much on their IT hardware while allowing workers increased mobility.

The Bad

Having said that, BYOD practices are not free from security concerns. More and more mobile devices provide greater scope for ways to breach a company’s IT infrastructure.

Some employees may not be as stringent as they should be about the information they bring home that could be highly sensitive or confidential. Once they take it out of the office, there’s nothing stopping them from sharing it across devices, networks, emails or even showing it to their family and friends.

Disgruntled employees about to walk out the door pose an even bigger threat. If they are leaving to work for a competitor, BYOD makes it easier for them to take intellectual property with them. Alternatively, if an employee uses a smartphone to access the company network then loses it or it's stolen, an unauthorized person could retrieve unsecured data on the device. Staff can also sell their devices or give them away and forget to wipe company data beforehand.

And The Necessary

A good BYOD policy should contain two critical components: an application or software program for managing the devices connected to your organization’s networks, and a written agreement that clearly states the responsibilities of employers and staff.

For example, IT departments wishing to monitor the use of personal devices must ensure that they only monitor activities that access company information.

Software developers and device manufacturers are constantly releasing security patches and updates for threats such as viruses and malware. BYOD policies should have the necessary processes in place to automatically apply those patches across all the agreed BYOD devices.

Additionally, organizations can simplify the whole process by limiting the number or make of devices allowed in their BYOD programs and the systems they have to support. Supporting a broad range of devices could become an administrative nightmare.

The IT department should also have permission to remotely wipe the device if it's lost, the employee leaves or if it detects a data breach, virus or any other threat to its infrastructure.

BYOD should satisfy employees and management alike, as long as there's a clear understanding of everyone’s responsibilities. Before settling on the best BYOD policy for your organization, it's worth getting input from employees, HR, IT, finance, legal and anyone else who has a stake in the matter.

How Can We Help Your BYOD Policy?

Name *
Name

We Value Your Opinion!

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal.jpg

IT Standardization Is Key For Any BYOD Policy

Devices.jpeg

It may have been inconceivable ten years ago, but it didn't take long for today’s workers to get used to bringing their own technology to work. Driven by claims that they can work more productively on their own devices, workers now take bring your own device (BYOD) policies for granted, even though they have created management and security headaches for IT administrators.

Businesses have long standardized their equipment to make it easier to swap in new PCs when old ones break or need to be upgraded. Yet the lack of control over laptops and other BYOD devices is challenging this practice, presenting issues for IT administrators and the integrity of business data.

Administrators often have no way of finding out, or improving, a device’s security profile. This leaves businesses exposed when a new software vulnerability is discovered since administrators have no way to patch or upgrade the software on users’ personal devices; studies regularly attribute most security breaches to unpatched vulnerabilities that had been fixed years ago but were never applied to users’ devices.

Standardize Your Apps

These problems create a compelling case for standardization—if not of the devices themselves, then of the applications that they are running. It’s not just about making system administrators’ lives easier, but by mandating a consistent set of applications, for example, it’s easier to help employees communicate smoothly and effectively regardless of where they go or what device they’re using.

Standardizing productivity applications ensures that documents can be easily shared and used, minimizing the need for costly and time-consuming manual entry of information. It also reduces the need for staff training and making it easier to move employees between locations. It also reduces the number of applications needing support. With the average business already running well over 100 different applications, any reduction in complexity can only be a good thing.

Consolidating your applications also offers considerable cost benefits: you’re likely to be able to spend less on licensing costs than you would when buying multiple applications, and because you’re buying an application for a large number of users you will have better bargaining power with your suppliers.

Consider Cloud Solutions

It’s worth noting the value of cloud-based productivity tools in meeting these goals. Although some users require sophisticated productivity tools for certain jobs, in most environments users could make do just as well with a cloud-based tool such as Microsoft Office 365 or Google Apps. These store data in a central place where all users can easily access, view, and change information from any device, at any time.

The BYOD cat may already be out of the bag, but by standardizing your IT applications and infrastructure, you can reduce costs while remaining competitive, and improve flexibility. By identifying the best opportunities for standardization, you’ll be able to reduce technology-management overheads and ensure that your users are more productive, more often.

How Can We Help Your BYOD Policy

Name *
Name

We Value Your Feedback

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal.jpg