Access to sensitive information of all kinds has always been an issue, and the onset of the computer era may have only exacerbated it somewhat. Pen and paper also served the purposes of industrial espionage perfectly well, as did CDs, flash drives, e-mail and other data transmission methods in the earlier years. Is BYOD more of a risk or an advantage? Well, NOT implementing some sort of BYOD policy will not make the issue go away, since such ignorance may pose a far greater exposure to various threats.
For one, we all need to accept that BYOD is already here, and outline our company approach. Just as with any technology, there are measures to be taken in order to regulate and contain the potential problems it may bring — at least to some extent. According to the laws of most countries, adults have to be mandatorily informed when a mobile monitoring app is installed on their phones even if the phone is provided by the company.
The program features usually include call, e-mail, instant message and SMS monitoring, internet use and location tracking. Home About Us Contacts. This is similar to virtualization—dumb terminals use the processing power of another computer—and is also the same method that cloud-based apps employ. Containerization keeps company communication and personal use of a mobile device separate. MAM ensures all of the work performed on a mobile device is actually resident on an on-premises server, which can be monitored and controlled.
One more system is available to help you cut down on virus risk. This is mobile email management, or MEM. These systems give secure access to the company email system over encrypted connections. MEMs enforce company policy on emails, such as blocks on downloading attachments. All of the factors explained in the physical risk section of this guide also apply to the risk of disclosure of company information. The likelihood of employees using their own device to access the company network through wifi hotspots is very high.
People enjoy the status of being needed for their job even out of office hours and will answer calls from work, even if they occur in the middle of the night. Similarly, they will pick up alerts from the network and check in on information even when they are on vacation or out to dinner.
Accessing the company network over the internet gives essential, on-call staff such as IT support specialists the ability to do their jobs around the clock. However, if they access the internet from a restaurant or hotel wifi system, they run the risk of exposing all of the data that is passed back and forth to a man-in-the-middle attack MITM. Employees who can access company information at home might be more likely to leave their laptops running with the screen active while they walk off to the kitchen to make a visitor a cup of coffee.
Without needing to enter commands, that visitor would be able to read the open document, or take a snapshot of it with his own mobile device. That visitor does not need to be an international industrial spy. However, a neighbor with heavy car loan payments might be interested in selling embarrassing or innovative information to the press.
The loss of devices is not just an inconvenience in terms of hardware, but it also breaches confidentiality if sensitive company data is stored on it. If your business has operations in Europe, the advent of the General Data Protection Regulation, which is in effect as of May , makes the protection of personal data a critical business need.
- Learn Right Ways to Spying Android cell!
- How Track a Cell Phone Number Free!
- Secretly Way to Monitor Messages Remotely!
- What AirWatch CAN’T Collect.
- To BYOD or not to BYOD – that Is the Question | Cell Phone Spy Software Reviews?
That information may pertain to employees, customers, or even market research, and if anyone can prove that you have not taken sufficient steps to protect that data, they can sue you and your company will be heavily fined. Cash-strapped or disgruntled employees will find it a lot easier to copy over or print files containing sensitive information from home than they would in the office, where their actions could be observed. So, distributing files to be stored on employee-owned devices presents a confidentiality risk.
With many employees given access to the same information, identifying the source of an information leak would be difficult. The loss of confidentiality may discourage you from implementing BYOD. However, many of the risks listed above already exist on your private office network, so you need to address the problems of virus intrusion, internet security, and disclosure by employees anyway.
The systems that you need to implement in order to prevent information leakage on employee-owned devices will actually strengthen your corporate data confidentiality. If you make business applications available from an application server, using MAM, you can also demand that files be stored remotely and not allow storage of corporate documents and data on employee-owned devices.
Why Employers and Employees Should Be Wary of BYOD
A number of different security tactics for company data are available through mobile content management MCM systems. If you choose to allow documents to be transferred to the device, then MCM systems can track versions of documents, stamping them, so the source of a leak can be traced to a specific copy of a document.
These MCM systems can also disable the text copy functions of apps running on mobile devices and make it impossible to print, copy, or email documents. Man-in-the middle theft of information can be prevented by applying a VPN to all official communications. The problem of an employee leaving a document open on a device when they temporarily walk away can be solved by enforcing screensaver locks. The problem of theft or loss of devices is taken care of by the automatic lock and location tracking methods of MDM systems.
AirWatch: What it Can and Can’t Do
There is no technical solution to disgruntled or desperate employees showing company data to third parties. However, making the original document impossible to move goes a long way to blocking anyone having any proof of controversial information. One easy alternative to the BYOD solution is to ban employee-owned devices from connecting to the network. This would be an unpopular move. Surveys report that the hardware cost savings of letting employees use their own devices at work is not the biggest benefit of BYOD.
What Is BYOD?
If you have considered the risks of BYOD and decided that they outweigh the benefits, then there are some other strategies that you could consider. However, it highlights a successful BYOD strategy. However, such a strategy would be foolish. You need to manage all mobile devices whether owned by the company or owned by the employee. With company-owned equipment you can take control of the device entirely and ban the user from loading any apps onto it other than those installed by the systems administrator.
Advantages and drawbacks
With BYOD systems, you need to set up a portal that cordons off part of the phone for business use during work hours. The user only accesses the company network through that portal and the rest of the phone is available to the user. As the name suggests, in this scenario, the device is owned by the company, but the employee is also allowed to use it for personal reasons. However, the company ultimately owns the phone and has rights over it. This enables you to lock or wipe the phone in emergency situations.
The user may lose any personal information stored on the phone, but that situation should be explained at the point of issuance. By this strategy, the company retains the rights over the phone and all data stored on it, even if that information was saved by the user.
To BYOD or not to BYOD – that Is the Question
This is a variation on company-owned devices that uses a little marketing savvy to get employees onboard with the idea of using mobile devices for productivity gains. The company will buy devices in bulk and gain special discounts for doing so. Instead of buying all of one model, the IT department buys a range of devices. Each employee is then able to select a device rather than being allocated a model. This policy can even be presented in the form a catalogue, which feels like a purchase process and wins the enthusiasm of the employee.
Whether the phone should be available for personal calls and internet access is a matter for company policy. However, thanks to automated mobile device management systems, the administration of mobile devices is not made more complicated just because the models controlled by the system are diverse.
In some cases, MDM systems are dedicated to one operating system. In these instances, the specialization usually focuses on iOS devices. However, the exact model of the device is not important even in these environments. A number of industry-specific devices could be used in your service delivery. Barcode scanners and point-of-sales devices fall into this category. Smartphones and tablets can also be used as sales devices.
You can restrict the apps that can be loaded onto a device and make it part of a store display or a piece of sales demonstration equipment. In these cases, the user would need to use a separate phone for personal calls and messages. You can buy software to implement any one of these solutions, or get a bundle of all of them, in which case you need to look for an enterprise mobility management system EMM.
The good news is that these systems are so comprehensive that you no longer need to worry about employing mobile devices in your business. Whether those mobile devices are owned by the company or owned by employees makes little difference.