Your Biggest BYOD Security Threats (And Your Main Solution)
19 February 2018 00:00
Its gone from the latest IT trend in town to an almost expected way of life for any tech-oriented workplace, but what are the security risks to a BYOD culture? Here, we cover the main threats and how to ensure protection.
BYOD: Too good to miss out on?
It’s pretty hard to argue with the benefits of implementing a bring-your-own-device (BYOD) programme into your business. After all, there’s the opportunity to save money whilst simultaneously increasing employee mobility, satisfaction and productivity -- sounds like a win-win, right?
Well, perhaps one area of the business that ends up on the losing side is the often forgotten IT department. If they didn’t have enough security concerns to balance on their plate already, then the ever-growing trend of BYOD is sure to make the workload tip.
Now, we’re not saying that BYOD should be immediately shunned by your business, we’re just wanting to point out that there are a huge number of threats that need to be addressed in a bring-your-own-device workplace. Here's our top four...
Threat #1: Lost or Stolen Devices
Businesses often spend a fortune on the latest security technology to protect their data, yet, annoyingly, 1 in 3 mobile devices are either stolen or lost by their owner. If you take into account that less than 40% of users set up a password for their devices, then this is an easy access point for cyber criminals.
For most employees, our mobile devices are crammed with accessible corporate data that, if in the wrong hands, can cause a nightmare for our organisation.
Threat #2: Sketchy Apps
A shocking 97% of malware on smartphones stem from applications that are downloaded from untrusted app stores. Combine this with the fact that BILLIONS of apps have been downloaded over the last ten years, then there’s a huge threat to your employee's devices.
These malicious apps have the potential to take control over the user’s mobile device, resulting in the possibility of surveillance, unexpected data or call charges, or loss of sensitive work information.
Threat #3: Infected Devices
As we become more and more exposed to mobile content, users start to become accustomed to “app fatigue” and the careless nature around mobile security. Ts&Cs will go unread, and so too will the excessive permissions that ask to be granted when downloading new content.
These actions all open the window to vicious forms of malware, especially ones that target old operating systems that have yet to be updated. Perhaps the scariest part of an employee's device being infected with malware is that the vast majority of users won’t even be aware of the infection...
Threat #4: Mixing Business with Pleasure
With the world at their fingers, employees can often drift off for small portions of the day into a rabbit hole of non-work related websites -- whether it be for browsing or for online shopping. Then there’s also the risks of an employee loaning their device to a friend or using public Wi-Fi connections to save data.
Your Solution: BYOD Security Awareness is Key
For all of these threats, there's one common issue that rings out: A lack of employee security awareness.
In this day in age, it’s vital that end-users are equipped with the security knowledge in order to combat the threats that technology can’t.
Having sufficient BYOD policies that are included in your security awareness programme is a great starting point for strengthening security. Regular bite-sized training on issues like password security, the importance of updates, working remotely, and how to report lost or stolen devices are topics that can’t be overlooked for businesses.
If you're wanting to get started on raising security awareness, then sign up for free access to our employee-focused cloud-based awareness modules that focus on a wide-range of employee cyber threats (including the importance of BYOD security).