How Adopting BYOD Can Actually Make a Workplace More Secure

There’s one major difference between companies that adopt BYOD policies and those that don’t: those that don’t are far more vulnerable to attacks.

Now, that may seem counterintuitive—after all, aren’t BYOD programs supposed to open the door to greater security risks? That’s what everyone says, and there’s certainly new complications that come with BYOD programs.

However, companies need to realise employees are connecting their phones and tablets at work, regardless of whether there’s a BYOD policy or not. So with that in mind, companies that make efforts to regulate the devices on their networks are far more likely to be protected than those who don’t.

BYOD security is a big deal, and obviously new measures and solutions will need to be adopted in order to handle new platforms and devices. With that being said, it can be difficult to know where to start. In an effort to make things a little more manageable, here are 3 important areas to consider when looking to beef up your network security.

 

Worry less about the variety and more about the volume.

Device turnover is relatively quick these days. Every few months a newer model is released, or an updated platform, which causes constant flux in the tech environment. This can often be a struggle for IT departments, as they’re stuck trying to manage networks that support fitness trackers and smartwatches on top of smartphones and tablets.

While it’s important to know what types of devices are operating on your company’s network, it’s far more important to know the number of network-enabled endpoints. At the end of the day, securing different mobile endpoints isn’t anything special for IT, as they’ll all just be treated like computers. However, when it comes to endpoint security in a BYOD world, the sheer number of connections will lead to huge spikes in network traffic and therefore greater risk from remote access vulnerabilities.

 

Don’t forget about your laptops.

More often than not, when companies discuss BYOD, they’re thinking about people using their mobile devices at work, like smartphones or tablets. Mobile technology is definitely the rising tech, and it wouldn’t be hard to imagine the majority of work being done on these devices within the coming years, especially as the computing power of tablets increases. As a result, professionals are building up stronger security measures to protect these new gadgets. That makes sense, after all, cybercriminals are going to adapt and target the most predominantly used mediums, right?

Kind of. Cybercriminals are far more likely to target the areas with the greatest weaknesses. Too often companies will fall into the trap of focusing on new technologies, and forgetting to upgrade security measures on traditional devices, like laptops and desktops. Companies will definitely need to invest in mobile security options, but the key is to maintain an overall heightened level of security across the entire network and protect all devices.

 

Don’t forget about the departed.

Another rarely discussed element of BYOD is the problem that arises from having company information stored on personal devices, and then having an employee leave the company. It’s a little more manageable when employee and employer depart on good terms, because the employee is more likely to delete information themselves, or allow IT to do it. When an employee leaves on bad terms, they may try and keep information they can then use to harm the company’s reputation as revenge.

BYOD policies need to expand beyond simple IT oversight. HR needs to be involved to help with employee termination procedures. Once an employee is no longer with the organisation, their access to company information needs to be eliminated, along with the current information stored on their device. This is where a mobile device management solution is useful. Among many other features, it helps create a BYOD work environment and adds administrative rights to delete all traces of corporate data when an employee leaves.

It’s important that employees are aware of this procedure the moment they begin with the company, that way there are no surprises and legal issues when the company goes to enforce the policy.

That virtually every company in Canada will eventually have some sort of bring-your-own-device policy surrounding mobile gadgets seems no longer to be an “if,” but rather a “when.”

The inevitability of BYOD in the workplace is reinforced by a recent IDC survey commissioned by Samsung Electronics Canada, which found that technology trends such as BYOD are driving significant change for chief information officers in businesses across Canada.

Of the CIOs surveyed, 58% said the number of mobile workers at their company has increased and that 68% of these workers use tablets in addition to mobile phones.

From the study:

BYOD is quickly becoming the new norm for companies across Canada with 53% of CIOs open to employees bringing their own devices to work. When asked why CIOs have a bring their own device policy, 51% responded saying it was to appeal to young workers which will make up 75 per cent of the workforce by 2028. While security still remains a core component, CIOs are being driven by workplace trends to help future-proof their organization.

The key takeaway from that bit is “future-proof”: in 2014, companies rejecting the notion of BYOD are already considered relics of the past by many young and up-and-coming workers.

“The CIO role is shifting from a concentrated focus on managing and protecting centralized back office IT resources to driving employee productivity and empowerment,” aid Warren Shiau, Director, Buyer Behaviour Research Practice, IDC Canada.

The survey reveals that 55% of CIOs are actually adjusting their IT policies based on employee feedback and beginning to recognize the value of these insights in helping to create a more empowered workforce.