It has become increasingly common for organizations to embrace bring-your-own-device (BYOD) policies in recent years in order to meet employees' rising demands for flexible work options. And these initiatives can provide considerable advantages, from enabling more effective telework or easier working on-the-go to reducing costs and fueling productivity. However, when businesses allow staff members to access sensitive corporate information on personal devices, there are security issues that must be addressed to ensure that data is not misused, compromised or stolen.
ZDNet reported that at a recent roundtable held by the source, it became clear that security is still not a top priority when adopting BYOD. Pratyush Khare, technical director of archival solutions at Hitachi Data Systems Asia-Pacific, reportedly noted that many companies implement these policies to maintain employee satisfaction, but security remains an after-thought. In fact, Stuart King, strategy director at Dell Asia-Pacific, explained that a survey by his company found half of end-users have no corporate policies in place governing BYOD. But the risks of mobile devices to a company's network are too great to ignore. While the productivity benefits of these policies are considerable, these rewards can be quickly overshadowed by a breach or other incident.
Jimmy Sng, partner at PriceWaterhouseCooper Singapore, told ZDNet that one of the reasons that BYOD tends to open up new risks is that many times these practices happen accidentally. Without a planned approach, enterprises may not be prepared for all potential threats involved. He explained that data use policies and adequate solutions need to be in place before BYOD can be effectively and securely embraced.
ZDNet pointed out that many corporate policies may look at securing the device but fail to take into account the data and applications themselves. Stephanie Boo, regional director of South Asia-Pacific at FireEye, was confident that apps remain a major challenge and vulnerability in terms of IT security for BYOD adoption.
According to Small Business Trends, studies in 2012 found that an overwhelming 95 percent of large companies already allow employees to use personal devices for work. Still, the source asserted that firms face more IT security threats than ever before, which will continue to multiply as enterprises adopt new endpoints. The news provider recommended devising a written policy for BYOD that clearly defines regulations for use and requires the registration of all devices with the IT administrator. Additionally, Small Business Trends suggested outlining best practices, including guidelines for password protection and notification if a device is lost or stolen.