Published Jan 07, 2017 by Xiph
Bring your own device (BYOD) is a trend that is gaining traction in many workplaces. It refers to businesses where employees are not given a smartphone or tablet by the company, but instead use their own personal devices for work as well as their private lives.
This blurring of work/life barriers has been prompted by businesses trying to save on equipment costs, and employees not wanting to carry multiple devices for personal and work use.
A study of the BYOD trend by Gartner expects that by 2018, 70% of mobile professionals will do all work on personal devices. Business analysts Ovum for Logicalis Group, reveal that 79% of employees in high growth markets believe constant connectivity with work applications enables them to their job better.
The downside of BYOD ? Ineffective End-Point Security.
The rapid deployment of BYOD access by in-house IT departments opens up your internal infrastructure to the threat of malicious individuals gaining access to sensitive information.
In a survey, The PwC 2015 Information Security Breaches Study on UK Corporations found a 100% increase in mobile device breaches – a trend that isn’t slowing down any time soon.
IT administrators have limited control over what users install on their devices, and in many instances, whether they modify the operating system by rooting or jailbreaking the device.
Here’s a breakdown of the BYOD risks, and what you can do to reduce them.
Increased exposure from lack of encryption
A typical BYOD smartphone routes its calls, SMS, emails and internet browser over the usual channels. This makes it easy for hackers to access the information that’s transmitted or stored on the phone.
But phones such as NCryptcellular’s Nexus 5X and Nexus 6P offer leading security right at the operating system level, with applications for secure communications through PGP encryption and encrypted voice.
NCryptcellular’s enterprise platform also offers encrypted conference calls, private email hosting and remote burn functionality for messages and attachments.
Downloading apps and programs
Unless you inspect your employees’ phones each day, it’s impossible to know what apps are installed on them.
For example, hackers created an app for Tesla car users that once downloaded to a smartphone, enabled them to access the car.
It’s just as easy for hackers to create an app that can tunnel into your employees’ BYOD devices, and start snooping around, putting both their personal information and your business information at risk.
Devices operating outside of your firewalls and intrusion detection systems
It doesn’t matter if you have the best firewall protection money can buy, once an employee connects to your company’s internal server using the Wi-Fi at an airport, café or hotel, you’re exposed to man-in-the-middle-attacks (MITM).
An open Wi-Fi network is unencrypted, which is why you don’t need to enter a password when you log on. Standard devices are exposed to malicious individuals hijacking data and sniffing passwords on open public Wi-Fi networks.
Security predicted as a big trend in 2017
Under new government legislation, business owners are now legally required to disclose and protect against data leaks.
According to a survey by Spok, 81% of chief information officers put data security as a first priority.
In 2017, we can expect to see companies issuing stricter guidelines for employees who use their own devices for work to avoid penalties under the new laws. CIOs also need to allocate sufficient capital to mobile security products and training.
Employees who rely on BYOD to maintain the flow between work and personal life will be looking for a smartphone that’s not only appealing but has the best security measures available.
Talk to us about how our encrypted smartphones can enable you to offer BYOD at your business, without the risks.
The solution?
Provide your employees with a security-focused smartphone which prevents malicious software from being installed and unauthorised access to business and personal data.
Empower your in-house IT department with specialist security training and the latest advanced mobile device management (MDM) tools.
Posted in: Security