Today, more people are working remotely than ever before. As a result, many employees are working on their own personal devices. However, research shows that fewer than half of organisations have a BYOD (Bring Your Own Device) security policy in place to safeguard work-related data that resides on personal mobiles. In this article, we look at the dangers of using personal mobile devices for work purposes, and how to mitigate the risks.
The unwelcome arrival of the Coronavirus and subsequent lockdown saw 30% of UK adults working from home. Now that the lockdown restrictions have eased, research shows that 91% of people would like to continue working remotely at least part of the time1. Smartphones, tablets and notebook computers have been critically important in keeping remote workers productive. Research suggests smartphones can increase productivity by 34%2. According to the mobile data firm Syntonic, the average employee uses 5-business apps every day. Last year a survey by Bitglass found 74% of employees used personal mobile devices for work purposes3. However, less than half the respondents said their employer had a BYOD security policy.
Three hundred and thirty thousand smartphones were stolen in the UK last year; over 90% were never recovered4. At the same time, a Google consumer survey found that half of Android phone users never lock their device5. Smartphones and tablets are also fertile ground for cyber-criminals. The threats to mobile devices is both numerous and varied including SMSishing (text phishing), evil-twin network attacks, malicious apps, and greyware (adware and spyware). Earlier this year the consumer group Which warned that over a billion Android devices worldwide were vulnerable to cyber-attack because they no longer received vital security updates6.
BYOD refers to a trend whereby organisations allow their staff to access IT systems, apps and confidential data using personal mobile devices such as smartphones. Without a clearly communicated and properly enforced BYOD security policy, organisations leave themselves vulnerable to multiple security threats. Similarly, failing to comply with the latest data protection regulations can result in significant financial penalties.
Download our handy BYOD basics guide.
To ensure the security of personal mobile devices used for work, first, you need to set some clear ground rules. You might create a registry of all personal devices authorised to access the company network. Next, you need to introduce technical controls to monitor and safeguard organisational data. Third, you need to educate staff about BYOD and cyber-security threats. Together, the organisation and employees can take steps to improve device and data security.
MDM and MAM
Mobile Device Management (MDM) software provides centralised control of all mobile devices that connect with your network. MDM enables remote patch management, Web protection, data analysis and data wipe of lost or stolen devices. MDM also gives you visibility and control over the mobile applications that directly access your company’s data. You can lock down apps or assign role-based restrictions.
Mobile Application Management (MAM) enables your IT administrator to securely distribute, manage and remove apps from any device. MAM software ensures that company apps and business data are kept separate from personal apps and private data on the same device. Microsoft Intune, for example, is a Cloud-based device and application management solution. Microsoft Intune enables you to deploy, configure, protect and remove mobile apps from company-owned and personal devices. Many companies choose a combination of both MDM and MAM to provide the greatest levels of control, security and compliance.
Finally, it is important that staff who wish to use their own devices for work purposes be properly trained to use them safely and responsibly. Cyber security awareness training can help ensure that they understand the constantly changing threat landscape. Employees can also take basic security precautions such as using password protected lock screens, company approved apps and VPN (virtual private network) when working remotely.
Learn more about BYOD
Many organisations benefit from BYOD, enjoying reduced costs and increased productivity. However, BYOD comes with security risks and compliance challenges. If you would like to know more about remote working, BYOD and mobile security contact Modern Networks.