Even as businesses are still trying to figure out the BYOD challenge, employees are already using mobile devices in the workplace. The rapid rise of smartphones and tablets in the consumer market results in many employees and business owners using the same devices for the workplace. For many business, vital data as well as the company network are being exposed to a range of threats.
A survey conducted by Harris Interactive indicates that over 80% of employees already use personal devices in the workplace. “BYOD is not coming, it is here, in a big way. And that is not necessarily a bad thing. It means your staff can stay in touch with up-to-the-minute, real-time data, regardless of where they happen to be, creating a compelling advantage for your organization,” says Cameron Camp, Security Researcher at ESET. [1]
The survey indicates that potential security measures are largely ignored throughout the business. Some of the highlights include the following:
- Across the entire BYOD spectrum, encryption of company data is only happening on about one third of devices.
- Less than 10% of people currently using their own tablets for work have auto-locking enabled.
- People were more security-savvy about their smartphones, with 25% using autolock.
- One third of laptop users have auto-locking enabled, which means two thirds do not.
- Auto-locking with password protection was enabled by: less than half of laptop users, less than a third of smartphone users, and only one in ten tablet users.
What can a small business do to take initial measures toward mobile device security? Robert Lemos at Dark Reading offers three helpful and simple steps to begin improving mobile device security.[2]
- Admit you have a problem
- Educate your users
- Force devices to use a separate network
1. Admit you have a problem – A big step is simply recognizing the threat that the network and company data face with every unsecured mobile device that is actively using company data. There are a range of rogue apps and malware attacks that could steal data from the device. At the same time, lost or stolen devices could expose vital information and violate regulatory compliance (depending on the type of business and data exposed).
2. Educate your users – By implementing some type of security training, you could help staff develop a few simple security practices. Simple habits like password-protecting the device are a key to protecting information, but even this extra step often causes employees to balk. Regular training can help raise awareness and encourage a higher level of safety practices like password protection, autolock, and enabling encryption.
3. Force devices to use a separate network – Companies can also require devices use a guest network that connects to the Internet instead of directly to the internal network.
For more information on building a secure network and managing mobile devices in your business, contact Integracon via chat at Integracon.com or call us at 865-330-2323.
[1] Varun Gupta. “ESET survey: The BYOD Security Challenges.” The Security Age <http://www.thesecurityage.com/details.php?seo=eset-survey-the-byod-security-challenges>
[2] Robert Lemos. “3 Steps For SMBs To Tame Their Mobile Threats.” Dark Reading, July 2, 2013.