What Byod Means To Enterprise Security

By Author: Susan Smith
Total Articles: 132
Comment this article

The IT leaders today face many security challenges and rapid changes. Not the least of the challenges is the need to equip their workforce with the latest and most advanced technology in order to retain competitive advantage. This needs to be done while protecting sensitive data and systems.

New Technologies bring newer ways to access and manipulate data, advanced devices, and alternatives to the traditional platforms. We are effectively in the post-PC era. These dynamics are creating a shift towards BYOD, a workplace trend that is fast becoming the norm rather than the exception.

BYOD is not limited to just personal computers. It means employees using smartphones, tablets, BlackBerrys, ultralight books and more for their work. The concept of BYOD has broadened to include software and services, as employees use cloud services and other tools on the web. In fact, BYOD now axiomatically means BYOA(bring your own app).

These concepts, while welcomed by the employees, are turning into IT security headaches, if not nightmares. The following are some of the key IT security risks faced by the ...
... enterprises implementing BYOD:

Complexity: The most inescapable yet the most serious issue of BYOD is the sheer number of permutations of devices, Operating systems, applications, and configurations it inducts into the IT landscape. This multiplies the number and type of networks, applications, and end-points through which data is accessed. These are the three main points at which data is vulnerable, thus posing a huge security risk.

Unauthorized access through third party apps: Employees may allow unregulated third-party apps the access to other sensitive, corporate information stored on their devices. These apps may be pre-infected with malware, which might steal information from the mobile device without alerting the users. Should employees' handsets connect to open Wi-Fi networks, the corporate data stored on their devices might also be exposed.

Data Management & Compliance: With BYOD, the ability to manage and track corporate data has become more difficult, especially with the widespread adoption of both cloud and mobile storage services in the enterprise. With the traditional IT security policies effectively useless, the access to data is difficult, If not impossible, to monitor.

Further, data location and segregation are key challenges when trying to ensure compliance with cloud and mobility included in the equation. Auditors will want to ensure the data they are concerned about is adequately protected and will also want to see validation of this through documented evidence. This cannot even be reported, much less guaranteed in a BYOD model.

Stolen, Lost, or hacked devices: Due to their smaller form factor and the tendency of users to bring them everywhere with them, mobile devices get lost more often. Since the majority of mobile and tablet devices are not usually locked with a PIN or password, and those that do are secured with just a four-digit PIN, the protection for mobile devices is not robust. Also, with the users retaining control of what they do or don’t install on their devices, the risk of malware/spyware/virus infection is many times higher.

Disgruntled / resigning/ fired employees: Employees leaving an organization, or those still working, but unhappy with the organization, pose a huge risk of the corporate data being intentionally / unintentionally misused. Since the IT departments no longer have access to wipe the data / lock the device, the corporate data has a risk of unauthorized access unlike before.

The author is associated with, Copper Mobile, one of top mobile app companies, app development Dallas and mobile application development companies in Noida