Data Security With BYOD

As smartphones, tablets, and laptops have become increasingly intertwined with our daily lives, they’ve become a more integral part of our work lives too. The majority of companies have adopted policies that empower employees to use their own devices for work versus only having company-issued devices.

Welcome to the world of BYOD (Bring Your Own Device), fueled by the larger trend around the consumerization of IT. This shift means that consumer technology is now influencing business processes, whereas the opposite was once true. The statistics tell a compelling story:

  • 59% of companies allow employees to use their own devices for work, with another 13% planning to do so within a year
  • 87% of companies rely on their employees using personal devices to access business apps
  • 69% of IT decision-makers favor BYOD because it saves workers time
  • 53% of employees believe they’re more productive when they use their own devices

Employers and Employees Prefer BYOD

It makes sense that employees would prefer BYOD. They get to leverage a device they’re completely familiar and comfortable with; they minimize the number of devices they have to keep track of and carry around; and they can catch up on emails and other work tasks wherever they happen to be.

But there are advantages for employers too, besides the productivity gains mentioned above. They can save on hardware costs, and organizations can also expect people to update their devices’ operating systems more frequently than they could update their entire enterprise.

BYOD Brings Serious Security Risks

All the benefits of BYOD are counterbalanced by the serious challenges it presents for securing a company’s data. Just a couple of common examples: What happens if someone’s phone or laptop is lost or stolen? What about when an employee leaves the company – and still has access to business systems on their mobile device or laptop?

Companies can adopt a BYOD policy without compromising security. But they have to think through the things that can go wrong and have a plan in place for every eventuality.

One answer lies in Mobile Device Management (MDM). This enables IT departments to ensure that only approved devices and known users are engaging with corporate-supported or BYOD devices. If a phone is lost or stolen, it can be located or, if necessary, have all corporate information permanently wiped. Importantly, MDM can also prevent employees from inadvertently downloading malware or spyware that can infiltrate your network and wreak havoc.

An added layer of protection comes in the form of Mobile Application Management (MAM). In the same way that MDM empowers IT departments to take control over devices, MAM does the same on the mobile application side. It lets them make sure users are adhering to corporate policy regarding which apps they can download, and it limits how much and what kinds of data can be shared between apps on a device. It also provides a partition between apps for work and those for personal use.

Encryption provides a third essential safeguard in the fight to keep data secure in a BYOD environment. Every enterprise with a BYOD policy should have robust encryption of company data in place, whether it is in transit or in storage. That way, if an employee’s device is accessed, sensitive information will not be compromised. Unfortunately, 76 percent of companies don’t encrypt mobile devices, providing data thieves with numerous endpoints for potential access to company information.