Due to the increasingly mobile nature of modern technology, some businesses have implemented a Bring Your Own Device, or BYOD policy. While BYOD has been proven to increase productivity, it could have disastrous consequences if not implemented properly. Therefore, it’s imperative to emphasize the importance of security in the workplace, and to pass best practices on to your team.
Unfortunately, an airtight BYOD security plan doesn’t accomplish much if nobody adheres to it. Managers and business owners have a duty to their company to ensure their staff understands the policies put into place, and to motivate them to follow these policies. It sounds simple, but in practice it can be somewhat challenging, mainly due to the team’s indifference to your BYOD security policies.
In fact, some employees might even see it as a hinderance to their productivity. They want to jump right into the action and connect their devices without a second thought, even if they are compromising the security with their disregard for your BYOD policy. This attitude is what causes most of the nightmarish security breaches caused by mobile devices. Believe it or not, some of these employees feel they have no responsibility for the protection of the data stored on their devices. In fact, according to a Centrify survey of more than 500 employees, 15 percent felt this way. Quite a low figure, but still; all it takes is one crack in the dam to let loose the flood of data.
In this same survey, near half of the respondents admitted to having more than six third-party applications on their device, and more than 15 percent of respondents were the victims of credential theft. As for the icing on the cake, it would probably be that 43 percent of these employees had accessed sensitive information relating to their company through their mobile device. How are those for some scary figures?
But wait, there’s more; CIO.com reports that, “AdaptiveMobile surveyed 500 companies (and employees), with 80 percent supporting BYOD, and found that half of all companies experienced a breach within the last 12 months. One company in the study lost $80,000 when its financial database was hacked last year via a mobile device.” No business, regardless of how profitable, wants to deal with losses like these.
The natural response to these security risks is to take the information and use it to educate your staff about the importance of BYOD security. While you can attempt to enforce it all you want, people will generally better understand your point of view if you present to them why it’s so important to follow these policies. Simply telling them that they should follow these policies “because you said so,” isn’t going to do anything. Instead, explain to them what exactly is at risk during a data breach.
How you present these policies is another monster altogether. Depending on your leadership style and the folks who work for you, you’ll probably have to choose to either reward them for following the policy, or threaten those who don’t. After all, BYOD is a privilege, and unless your team wants the privilege revoked for everyone, they should be following the policies. This option is fairly flexible, too. If you need to filter web traffic on a per-user or per-device basis, you can prevent the device from connecting to the network at all with a “device kill switch” of sorts.
On the other hand, if you give them more incentive to follow the rules, such as paying for part of the employee’s phone bill so long as they are compliant with your policies. This could be a rewarding incentive, and by helping them save money on their phone bills, you get loyalty and compliance with your policies. Regardless of your approach to BYOD, it’s important that all team members are on board with your policies.
To learn more about how to keep your BYOD security and mobile device infrastructure sound, give Bardissi Enterprises a call at (215) 853-2266.