More and more consumers are owning smart phone or tablet devices and bringing them to work. Some companies are embracing the “bring your own device” or “BYOD” trend without fully understanding the security risk implications.
When employees improperly use their mobile devices, they put their companies at risk for data breaches. This includes leaving lots of sensitive data on the devices—which can pave the way to leakage of data, plus other issues.
Current security measures are lagging behind the increased rate of mobile device usage in the corporate realm.
A study conducted by the University of Glasgow not only showed that a lot of sensitive company information was left on handsets, but personal information as well was left on, putting employees as well as the company at risk for breaches.
This small study demonstrates a clear need for improved guidelines and policies governing employees’ use of personal smartphone devices and security of the devices. This becomes even more relevant as businesses turn more to cloud storage for data.
Non-approved software-as-a-service (SaaS) apps, used by employees, is widespread, according to a McAfee study. These apps are not approved by the company’s IT department. Employees can easily bypass the IT department by using the cloud. The study showed:
- Over 80 percent of survey participants reported using unauthorized SaaS apps.
- About 35 percent of SaaS apps used on the job are not approved.
- About 15 percent of users have had a security problem using SaaS.
Employees may not realize that their chosen SaaS apps are poorly safeguarded. Such employees aren’t malicious; they’re just trying to be more efficient. Businesses need to find the right balance of protecting themselves yet allowing employees to use apps for increased productivity.
An ideal situation would be to monitor SaaS apps and apply policies that do not inhibit employees’ ability to be productive.
A recent Forbes article got my attention and the author’s solutions make good business sense.
1) XenMobile – This allows IT to secure and manage smartphones, data and apps, and establish policies based on smartphone ownership, location or status. Users can then more easily access the web, e-mail, corporate apps and documents with a single click on a mobile device.
2) Airwatch – This mobile device system provides management of apps, content and e-mail, to oppose inadvertent mismanagement of smartphone devices by employees (e.g., storing documents in vulnerable locations).
Just enter username and password; Airwatch will wirelessly and automatically configure all the settings, apps, security policies and more based on the worker’s role in the company.
3) Mobile Iron – This system manages and secures apps, devices and content, ideal for businesses that support the BYOD program. Personal content can be separated from corporate content, protecting the employee’s private data.
4) Good Dynamics secure mobility platform – This is a BYOD program that keeps employees productive while zeroing in on security. Personal data is partitioned off from business data to protect programs like e-mail.
5) Samsung Knox – This system is for Android devices, managing with a multi-tiered security approach. One’s network will be protected from malware, hacking, viruses and non-approved access.
6) Protect your BYOD on wireless networks – Use VPN if you’re on a portable wireless device. Hotspot Shield VPN is free, though its paid version is more e expanded and faster. First launch Hotspot before you use your PC laptop, iPad or iPhone to connect to free public Wi-Fi services like at the airport or at a coffee shop or hotel.
Your entire web surfing session will then be protected. All of your connections will be secured. This will eliminate some of the aggravation for your company’s IT department.
Robert Siciliano on Google+