You’ve seen it happen.

Slowly but surely over the last 2 years people have been ditching their corporate-sponsored Blackberries for iPhones, Androids and Windows Phones to use for work. Not only that but they’re also bringing their tablets as well.

What’s wrong with that you ask?

Well, nothing for the employees. In fact it’s been shown that people are more productive when they use a device that they feel most comfortable with. Many employees are now using a few different devices like tablets, smartphones and their trusty laptops to get the job done.

Sometimes they own them, other times the company does. It helps them attend meetings in private rooms, work from home or update notes while out to lunch. Of course the hardware costs for companies are lower too and workers seem comfortable using their devices for both work and play.

BYOD Devices - Security Concerns

BYOD Devices – Security Concerns

The benefits are obvious and corporates have noticed.

There are problems though, and these lie squarely on the shoulders of IT departments. It’s been projected that in just 2 years, the number of ‘bring your own device’ employees will more than double from 150 million to 350 million. That might sound like a step in the right direction, and it is, but it’s also going to bring with it a tsunami of technical issues for IT departments to deal with ranging from security, management, maintenance, support and data.

The security issue is by far one of the most pertinent since mobile devices are so prone to loss and theft. They are prime targets for hackers and can be used to get access to sensitive data or disrupt services. With employees storing company data on their devices right alongside their own personal information, there is a massive challenge ahead to keep corporate data safe and secure. Any time a user loads an app, goes online or makes a phone call, there is a risk for a security breach.

In the past, real-time data was a luxury but now it’s considered an absolute necessity – and therein lies the problem. Once a mobile device connects to a corporate network, all the user’s personal info that is stored on the phone is vulnerable to threats. We’re talking names of contacts, credit card numbers, addresses and of course corporate information too.

It’s no surprise that IT professionals are concerned.

A few high profile security breaches in 2012 helped to raise awareness about the issues surrounding data mining. The big social networks like Facebook and Instagram made massive overhauls to their security infrastructure, but smaller private companies remain vulnerable. Once upon a time IT managers could relax knowing that everything was sitting behind a rock-solid LAN, but not so anymore.

If you have any questions, or want a plan of action that will protect you from all of this, email us at BYOD@roansolutions.com and we will get you on the right track to avoid threats, fulfill obligations and exploit opportunities with these devices.

Steps to Take

Some measures that IT can take include encryption to ensure that data is secure in case it gets accessed through an attack or theft. Also, everyone needs a solid plan in place to account for BYOD, but more importantly to adjust as things change.

Not surprisingly most employees are completely unaware that their devices pose any kind of threat to the company at all. Here is where a little bit of education can go a long way to keep data safe. It doesn’t help that most employees use the same passwords at work as they do at home so they need strict guidelines on using multiple, long, high quality passwords.

Other strategies being put into place right now include robust password protection, remote control to install or update applications from the office, remote locking and data wiping. While these are really helpful, implementing them is proving very tricky. Mobile technology is moving fast, and since there are so many platforms to cater for, the challenge is immense.

Malware and Viruses

Then there is the issue of malware and viruses inside the apps themselves. Apple’s iOS platform is at a much lower risk for this type of problem since they keep very tight controls over the quality of apps that are allowed on the App Store. Android however is less picky. Android phone owners can buy apps from the Google Android Market or Amazon’s Appstore for Android and controls for app approval are not so stringent. This opens them up to potential breaches and seeing that each employee can download hundreds of apps in a year, the chances compound depending on how many employees you have.

In fact, virus and malware creators are figuring out how to gain access through any device that uses the internet so game consoles, smart TVs and even DVD players are becoming targets.

We might just see the rise of PC-like antivirus and security software for tablets and mobile phones very soon. Trend Micro’s Worry Free Business suite is for Android, iPhone as well as PC and Mac devices. Symantec offers a $29.99 Norton security app for Android mobile devices while MacAfee also has a product at the same price for Backberry, Android and Nokia devices.

The Alternative

For those companies that refuse to allow any kind of BYOD scheme and prefer to stick with Windows devices such as the Surface, Windows Phone 8 and laptops, the next version of Intune will allow IT to manage all of them under one system with very strong controls for data sharing and access.

The Damage

So how bad can things get? It’s a potential breakdown that must be addressed.

Especially when you consider that the average cost of mobile ‘incidents’ for large companies is $429 000 and for the little guys it’s $129 000. This includes reputation damage, loss of data and productivity decreases.

Ouch!

In the past, most large companies relied on Blackberry’s enterprise-grade encryption which took care of everything at their servers. But since Blackberry has lost it’s popularity in a big way, things are almost back to square one.

Statistics

Here are some interesting statistics from a Check Point global survey of 768 IT professionals:

–       89% of companies have mobile devices connecting to their network

–       65% are personal devices

–       71% have experienced an increase in security incidents

–       47% say that customer data is stored on these devices

According to another survey by the Ponemon Institute, 51% of security breaches in the US was due to a mobile device. To illustrate just how quickly things change, in 2011 BYOD didn’t even feature as a concern for IT professionals.

If there’s one constant if life it’s change – and even more so when it comes to technology. It might not be clear how the BYOD situation will unfold over the coming year or two, but what is clear is that it will take a concerted effort by everyone; employees, managers, IT, CEOs, software developers and hardware manufacturers to properly manage this tectonic shift in technology.

It’s definitely for the better.

Email us at BYOD@roansolutions.com if you want help or advice for your organization and we will set you straight right away or read more at Desktop and Other Device Solutions.