Workplaces are changing, the influx of a technology savvy generation and embrace of current technologies have made businesses shift from buying devices to allowing workers to bring their own devices. This development has affected how the business Information Technology department operates and the whole issue of mobile security.
Bring Your Own Device (BYOD) means that employees are allowed to come with their own computers or other devices and use them in the process of carrying out business operations. This means that a business does not have to spend a hefty amount of money to buy devices. There is also a greater flexibility presented by BYOD as employees can work in any location. Productivity is also recorded as a benefit that comes with embracing this model. Despite these benefits, the move poses a serious threat to business. It presents huge risks of compromised data, loss and protection.
Bringing personal devices, opens the floodgates for data leakage, mobile phones, laptops and tablets are more prone to this. The fact that they may not be secured means that the company or business may lose sensitive data exposing it to myriad risks. It may also lead to an increase in operation costs although the initial intention was to cut it. The threats posed lead to a greater reliance on the IT department to provide solutions as well as secure devices. This means that the business has to spend more in hiring staff to perform these duties and ensure that the systems operate on a secure platform. To avoid a situation where a business benefits from BYOD despite the security threats presented by the model, an organization needs to implement procedures and policies which require and help the employees to keep their mobile devices and laptops secure. These policies need to clearly stipulate the boundaries that exist and what is likely to happen when there is violation.
Studies which have been conducted on employees’ use of their own devices at workplaces show that there are serious privacy issues. Seventy-five percent of the devices lack the means through which data can be adequately encrypted. This means that most businesses have exposed themselves to attacks and other mobile security issues. The fact that employees have not installed strong antivirus and firewall protection in their mobile devices makes the business vulnerable to attacks and jeopardizes operations. Businesses need to put in place mechanisms that prevent attacks and threats spreading. They need to make sure that there are gatekeepers such as a VPN that requires the users to identify themselves and also ensure that the data transferred is encrypted and allowed.