How often do you or your employees use a personal phone to access work emails, calendars and applications?
As mobile devices become increasingly embedded into our daily lives, using personal devices for work purposes is improving business productivity and enabling employees to work more flexibly and efficiently.
The trend, known as bring your own device or BYOD, is quickly taking over workplaces and impacting IT departments in more ways than meet the eye.
The issue rose to the fore last week when a scathing government report found 453 “information security incidents” in a year as a result of an investigation into Victoria Police’s data security.
The Privacy and Data Protection report found that police were using their personal mobile phones, computers and equipment to record critical data.
As the findings proved, BYOD has significant impacts on the security of an organisation. By removing the traditional boundaries of physical location and asset ownership, businesses that enable staff to use personal devices are exposed to increased security considerations - including the safety of the intellectual property of a business.
A BYOD policy can help businesses regain some control over the safe use of personal devices for work purposes, enabling them to navigate the threats of increased malware exposure and data leakage, plus IT support considerations.
A BYOD policy needs to be flexible yet enforceable to ensure it mitigates risk. By working with other information security and IT procedures, the policy will reduce the potential financial, legal and reputational repercussions associated with a cyber attack or data leak.
When designing the BYOD policy, senior executives need to keep the following in mind:
Get buy-in from relevant departments
Gather a group of employees from a range of departments in the organisation to participate in the policy development and implementation, in order to gain insight on how policy decisions will affect different user groups.
Provide proper training for your staff
Staff are your number one asset, but uninformed, they pose a major threat to your business. Ensure that your policy includes an in-depth induction and regular training for all employees to educate them about the policy and the potential risks involved with BYOD devices.
Regular policy review
Aligning your security policies with business objectives is essential to successful implementation. The business environment is rapidly evolving; therefore regularly reviewing and updating your BYOD policy will ensure it provides adequate security for your organisation.
A strong strategy will enhance your organisation’s security as new threats are introduced when personal devices enter the workplace. As the challenges involved with BYOD policies evolve, organisations need alternate ways to enable flexibility without compromising security.
One alternative for businesses to explore is choose your own device (CYOD) policy, which enables business to support their employees’ choice of device while keeping their confidential business data secure.
CYOD works by offering employees a choice of approved devices, which allows IT to have more control over what devices employees use, as ComputerWorld explains.
Need advice on workplace security and protecting your business from cyber threats? Talk to one of MailGuard’s security experts: expert@mailguard.com.au.
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.
