Does your business have a Bring Your Own Device (BYOD) policy? Employees are generally more productive when they are allowed to use their own laptops, desktops, or mobile devices for work.
However, there are security risks associated with this type of policy.
There are ways to master safety while still allowing employees to use their own devices for work. For example, using a cloud storage service like Box is a great way to eliminate the need for employees to keep volumes of files on their personal devices. When they need a file, they can get it from the account.
Combined with a company policy prohibiting saving passwords, using cloud storage from a service like Box will protect your company files from unauthorized access.
Before we dive into other reasons why cloud storage secures a BYOD policy, let’s take a look at what the risks are with this type of policy.
There are 3 main security risks associated with a BYOD policy
BYOD policies aren’t inherently safe – it’s the uncontrollable factors and human error that employers need to worry about the most. For example:
Unauthorized party can get hold of an employee’s personal device
Whether an employee’s device is stolen or simply used by another family member, it will expose your company data to unauthorized third parties.
In most cases, family members who share an employee’s device will not do any harm. However, the wrong person can stumble upon something interesting and use data for nefarious purposes. This can have costly consequences. For example, data breach regulations resulting from laptop theft have reached over a million dollars.
In addition to data, when employees save their passwords to corporate accounts in their browsers, anyone can access those corporate accounts without entering account information. For example, if someone visits Mailchimp.com, the employee may already be signed in to the company’s Mailchimp account.
An employee may not take enough precautions to protect employer data
A personal device that comes home with an employee is at great risk of exposing company data to unauthorized third parties. The biggest problem is the potential for human error. For example, an employee can walk to work from a coffee shop and unknowingly connect to a hacker’s fake Wi-Fi network.
When this happens, the hacker will have access to everything they type and every website they visit. They might even have access to their physical device.
Another problem is that people are constantly falling victim to phishing attacks. If someone receives phishing attacks on their personal email account and is tricked into sharing personal information, it could compromise their entire laptop or mobile device. In this case, anything they have on their hard drive, including company information, could be exposed.
Employers forget to delete company data from personal devices
The biggest problem is that employers don’t remove company data from personal devices once an employee is fired or resigns. If an employer doesn’t remove company data, they are requesting a future data breach.
According to survey data published by The Guardian, 40% of important data breaches were caused by lost or stolen devices. Even more alarming is the fact that 50% of companies with BYOD policies have been breached by employee-owned devices.
Since 60% of organizations do not erase company data from personal devices when employees leave, many breaches can be avoided.
Cloud storage makes BYOD policies more secure
While data can never be 100% secure, cloud storage eliminates several primary risks associated with a BYOD policy. For example, if you use Box, you can send people links to the files they need and set security settings for each link. This way, files are never emailed and stored in someone’s account.
When you provide links to people, you can also set the expiration of those links. In the future, if that person’s personal device is compromised, the links to your company files will expire.
Why have a BYOD policy if there are security risks?
If you don’t have a BYOD policy, you might be wondering why someone would create one if there are security risks. Shouldn’t employees get used to using their employer’s computer? Ideally, this would be the best solution. However, forcing employees to use a certain computer can have a negative impact on their work.
Familiarizing yourself with a device plays an important role in a person’s ability to do their job. For example, an employee who prefers to use a Macbook Pro will have a hard time if you give them a Windows 8 laptop. Lack of knowledge will disrupt their flow, create frustration, and reduce their productivity.
How to prevent BYOD data breaches
It’s best to let a professional IT security team prevent a data breach. However, you can get an overview of these 30 data security experts on what you can do to prevent a BYOD data breach.
You might be interested in: The Benefits of Desktop as a Service or DaaS