March 27, 2015 By Prafulla Mannewar 3 min read

Bring-your-own-device (BYOD) has become a revolution as more and more organizations allow their employees to use their own mobile devices for work purposes. It is advantageous for employees to use their own devices because of the shift in cost responsibility from employers to employees, improved work flexibility and better work-life balance. Employees can now work just about anywhere at any time.

Is BYOD Really Good Enough?

The benefits of BYOD are too tempting to ignore, but the movement also comes with many security and privacy headaches. First and foremost, it increases the organization’s security investment. Personally owned mobile devices are an easy target for cybercriminals, and cybersecurity risk for organizations that permit BYOD is higher when compared to companies that require the use of organization-owned assets.

Sensitive and confidential data will be at risk because of unsecured Wi-Fi or Bluetooth. When an employee leaves the organization, the organization must ensure the employee doesn’t keep any information on his or her personal devices. Employees are free to install any software on their device, but the organization must ensure the software is secure and doesn’t pose any threat to enterprise applications. In many cases, employees back up their information online. Organizations must ensure their business information is not being backed up and accessed by an unauthorized third party or competitor.

There are many traditional security solutions for BYOD, such as guidelines for employees, security awareness training, strong password protections for lock screens, encryption, remote data wipes and mobile antivirus. These solutions provide security and a sense of confidence. Now, it’s time to think beyond these solutions. How can organizations make their BYOD security policies, traditional guidelines and solutions more secure?

Leverage Cloud Computing Solutions

The benefit of using cloud computing solutions for BYOD is that all the data can be stored and accessed through the cloud rather than kept locally. With these solutions, all the data processing and storage will be done outside the mobile devices.

Use Mobile Virtualization

This will let employees have multiple profiles or platforms — most importantly, one instance for personal use and another for business use. The greater benefit is that all the data processing, storage and sharing will be completely separate from both profiles. The next level will be achieved when the network and data connectivity can be completely cut from the personal profile when the employee accesses the work profile, and vice versa.

Strengthen the Mobile VPN Solutions

Mobile virtual private network (VPN) solutions can be improved through additional mobile-aware management, such as administrative alerts for security concerns. Additional security functions could be added that enforce access policies based on the network in use. These all will give visibility and control over devices that may not be on the corporate premises or connect through networks outside the organization’s direct control.

Invest More in Mobile Device Management

Mobile device management systems are a great way to manage all devices and easily enforce security policies. Other measures include remote data wipes, strong PINs and passwords, locking the device after a certain period of inactivity and allowing employees to use more secure in-house applications. Also, organizations should generate compliance reports that alert the employee and compliance team of any identified noncompliance.

Create an Ecosystem

Organizations can set up their own app store, develop their own enterprise and corporate applications and push them to devices through their app store. They will then have more control and security by using in-house applications. It is important to develop the application in such a way that employees love to use it and don’t look for any alternative third-party applications for emailing, chatting or video conferencing.

Regularly Update the BYOD Policy

Organizations might add that they have the right to remove any supplied applications from a device as a result of a violated BYOD policy. Also, the policy should include instructions for employees on how they are expected to follow all safety guidelines and use common sense when working on personal devices.

Some of these solutions are already available on the market; it’s up to organizations to decide which solutions will be good for them and provide a sense of confidence when deploying BYOD. Organizations must not forget that BYOD is more than just a policy; it’s a shift in corporate culture. Organizations and employees both play an important role in keeping this going. By keeping security in mind, it shouldn’t be too complicated for employees to use their own devices as the organization looks for innovative and advanced technology to deploy BYOD.

Read the study: Mobile Dating Apps Can Place Corporate Information at Risk

More from Endpoint

Unified endpoint management for purpose-based devices

4 min read - As purpose-built devices become increasingly common, the challenges associated with their unique management and security needs are becoming clear. What are purpose-built devices? Most fall under the category of rugged IoT devices typically used outside of an office environment and which often run on a different operating system than typical office devices. Examples include ruggedized tablets and smartphones, handheld scanners and kiosks. Many different industries are utilizing purpose-built devices, including travel and transportation, retail, warehouse and distribution, manufacturing (including automotive)…

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today