Corporate Security in a BYOD World

by Matt Klassen on June 11, 2012

Gazing across the technological landscape there’s one disturbing trend that I have to admit I didn’t see coming, the BYOD (Bring Your Own Device) Movement. Since the inception of corporate IT there has always been a sharp demarcation between technology for business and technology for the general public, with IT departments content in the thought that the two would never meet…until now of course.

With the exponential rise in the popularity of consumer oriented devices, specifically products like Apple’s iPhone and iPad, more and more people are bringing their favourite gadgets to work, which in turn has IT departments the world over having nightmares about the possible security threats to once airtight corporate networks.

While the IT crowd struggles to manage this influx of free range unmanaged devices, desperately trying to come to terms with the control consumerizationhas had on the corporate technology sector, blogger Kevin Vlasich from TheTechNewsWorld offers the corporate world a few helpful tips on how to recognize the extant threats and what you can do about them.

First, understand that the BYOD movement is an inescapable reality in the modern IT world. Sure you can tell employees to leave their personal gadgets at home, but the truth of the matter is that with tablets and smartphones already having firmly engrained themselves in our digital existence, it’s a battle that the corporate world has already lost (and lost before it even knew it was fighting in the first place).

That is, this inability to stifle the BYOD movement stems directly from the fact that corporations didn’t even know it was happening, leaving the IT sector woefully unprepared to manage a deluge of unsecured devices. The second thing companies need to realize is that policies regarding technology need to be put in place, and moreover, they need to be enforced.

While spies in the Cold War had an arsenal of cool gadgets designed for espionage, the modern worker is able to download and store massive amounts of corporate data on one single smartphone, and then stroll right out the front door with it. Even if employees aren’t trying to be malicious, there are simply too many data leaks for IT departments to try and plug.

So what sort of response can companies have to the BYOD boom? Vlasich offers a few tips (or rather assumptions) to help sort out this quagmire:

  1. Assume you’ve been breached. Forget hiring a company to test for possible points of penetration on your corporate network, assume it’s happened already, as over 75 percent of organizations across the country have suffered data loss due to negligent or malicious employees.

  2. Control what accesses your network. Despite what you say, your employees will continue to access your network with their personal devices. Block the ones you don’t want and increase encryption and add movement audits for the most critical information.

  3. Employees want convenience, not security, meaning that if you’re corporate network has overly cumbersome checks and balances, your employees are going to find a way around it. Streamline the process and employees will get on board.

  4. Lost technology accounts for 42 percent of security breeches, particularly with things like flash drives and smartphones. If you can’t use an encrypted device, it doesn’t belong on your network.

 5. Finally, train employees! If people don’t know about the security threats their devices pose, how can they be expected to use them responsibly. So educate yourself on the threats and communicate that to your employees.

With none of this will end the BYOD movement, it will surely go some distance to mitigating its potentially deleterious effects, and doing so may just prevent that next employee from accidentally wondering out your front door with your most critical trade secrets.

Did you like this post ? TheTelecomBlog.com publishes daily news, editorial, thoughts, and controversial opinion – you can subscribe by: RSS (click here), or email (click here).

Written by: Matt Klassen. www.digitcom.ca. Follow TheTelecomBlog.com by: RSS, Twitter, Facebook, or YouTube.

Previous post:

Next post: