Jan 02, 2019 solutions to byod physical security risks if you cant stop remote employees from using their own devices, the only option is to embrace the practice and control access to information. With corporate data on a personal device, it is especially important that organizations. Without a coherent, comprehensive strategy for byod, cyod or cope, encompassing both policy and technology, an organization can face significant risks from security and compliance gaps to escalating it complexity. A user who does not understand their companys byod security policy is an instant vulnerability. To give you more of an idea, here are the top security risks of implementing a byod policy. An analysis of the key risks and how existing control mechanisms address them is also conducted. To effectively manage byod, security managers need to define new strategies to manage the resulting risks. Bring your own device byod is a current industry trend that allows employees to use their personal devices such as laptops, tablets, mobile phones and other devices, to connect to the internal network. These tips should serve as a byod security best practices guide for end users and itsecurity teams alike. Users guide to telework and bring your own device byod security. According to a 20 ernst and young study on byod, about 22% of all mobile devices produced will be. Theres no silver bullet for byod security, but in this article, enterprise information security pros share their strategies for. As byod has become increasingly common and awareness of security.
While it is impossible to guarantee byod security, following these recommendations will help organizations to mitigate byod risks by securing devices. The risks of social media in the workplace in addition to the risks of byod, there is an increasing risk from the use of social media, both by the organisation and by its employees individually. People can inadvertently download a malicious app, click on a malicious. The ultimate guide to byod bring your own device in 2020. Pdf formats, word documents, and video in particular pose risks. Smartphones are the most common device used in byod settings, although laptops, tablets, and usb drives are also commonly brought into the workplace. Again, you can block xss on your own network, but not on the devices of your employees. These tips should serve as a byod security best practices guide for end users and it security teams alike. How byod brings security risks into corporate networks. Attackers are quick to exploit design flaws or architectural weaknesses.
Bringing down security risks with a byod encryption policy. Without a coherent, comprehensive strategy for byod, cyod or cope, encompassing both policy and. For it security teams, the new risks typically include security vulnerabilities. Xss where hacker code is injected into web pages and downloads onto the device when the page is loaded into the browser. It needs to mandate the use of uptodate security software on all devices, ensure that all locallystored. Jul 29, 2016 each telework device is controlled by the organization, a third party such as the organizations contractors, business partners, and vendors, or the teleworker. Find out the best way to keep smartphones and tablets safe from hackers and the dangers of public wifi and. According to a 20 ernst and young study on byod, about 22% of all mobile devices produced will be lost or stolen during their lifetime and about 50% of all these lost or stolen devices will never be recovered. Many company security breaches result from lost or stolen devices. This ebook identifies areas of concern and outlines the steps you can take to protect company.
Each telework device is controlled by the organization, a third party such as the organizations contractors, business partners, and vendors, or the teleworker. We will control access based on device identity, connection type, and network access privilege. Top security risks of implementing a byod policy and how to. Here are the ways your organization can address the five biggest byod. Bring your own device byod is a rapidly growing trend in businesses concerned with information technology. However, byod has also heightened security risks for organizations. Todays enterprises struggle to balance byod risks and rewards. The number of external devices that can now connect to a company that implements a byod policy has allowed for a proliferation of security risks.
How to write a good security policy for byod or companyowned. In addition, this paper introduces the byod policy and management practices at verizon wireless as an organizational case study for analysis and recommendations on how to mitigate security risks. Guide to enterprise telework, remote access, and bring your own device byod security. Byod provides opportunities for organizations to improve productivity, efficiency, and agility of a mobile workforce.
Jun 21, 20 how byod brings security risks into corporate networks. Attackers are quick to exploit design flaws or architectural weaknesses that can be used to steal data, sabotage networks or siphon funds. Addressing the 5 biggest security risks ccb technology. Best practices to make byod, cyod and cope simple and secure. Getting that sales contact information backed up off the mobile device and onto the company crm system is a priority. However, security issues are slowing the adoption of byod. Top security risks of implementing a byod policy and how. The 2016 byod and mobile security report focuses on these security challenges and offers fresh insights on the state of mobile threats and solutions. Cisco mconcierge international association of privacy. Employers create byod policies to meet employee demands and keep employees connected.
But at the same time, byod faces a fair amount of criticism, with lax security at the forefront of concerns. Sep 14, 2016 byod bring your own device is the policy where employeeowned devices are used in a business. For most companies, it makes sense to embrace the byod trend and capitalize on the benefits it offers, such as increased employee productivity and greater. Apr 06, 2018 byod provides opportunities for organizations to improve productivity, efficiency, and agility of a mobile workforce. How cisco it designed a secure byod architecture cisco.
Indeed, organizations are exposed to risks such as the loss or theft of sensitive information, malware targeting mobile devices including the. Ensure that the management team is aware of the risks, including insider threats, and has included byod in broader risk management. This whitepaper explains the risks and rewards of byod, and shows you how you can adopt byod in your workplace while protecting your data. Your own device byod initiatives whereby employees use their own mobile devices to perform work tasks the security risks have increased significantly and the need for effective mobile security.
Despite concerns about bring your own device byod security risks, employees over the past years have enjoyed the multiple benefits of byod. The reality is that many people are already bringing their own devices to work, whether sanctioned or not. To understand device security, its critical to have some measure of control and management over devices, which is a particular challenge in the modern bring your own device. Bring your own device byod an information security. The challenge remains to identify security risks associated. Ensure that the management team is aware of the risks, including insider threats. It needs to mandate the use of uptodate security software on all devices, ensure that all locallystored data is backed up on a regular basis and include a procedure allowing you to remotely wipe devices that are lost or stolen. Zdnet says security is the most common reason for businesses for avoiding. The it guide to handling byod security risks in the workplace.
The national institute of standar ds and technology lists these high level threats and vulnerabilities of mobile devices. An analysis of the key risks and how existing control mechanisms. The ico also highlights the byod risks associated with increased monitoring at work by the technical measures that the company could put in place in order to ensure the security of the company. Your own device byod initiatives whereby employees use their own mobile devices to perform work tasks the security risks have increased significantly and the need for effective mobile security technologies is greater than ever. Byod, offers productivity benefits that are hard to ignore. Cisco mconcierge 201 9 smartphone security practices personal smartphone usage at work varies within socalled sensitive industries, or sectors that come with greater expectations of privacy and. Byod presents a unique list of security concerns for businesses implementing byod policies. Find out the best way to keep smartphones and tablets safe from hackers and the dangers of public wifi and usb ports. Dont mandate security solutions without engaging users first otherwise employers risk losing productivity from nearly 50% of employees acknowledge the employees byod concerns and personal privacy when setting mobile security policy by using a. This paper focuses on two key byod security issues. Currently, were working on a fourth byod security capability.
In the past five years alone, weve seen a number of significant shifts in technology and workplace culture. If you want to show potential clients around your premises, you want to be welcoming and allow them to connect to your network, but you also need to show that your company has tight. Cisco identity services engine ise is the technology behind this capability. Bring your own device byod policies are making a significant impact on the workplace.
Many tech providers offer byod security solutions that address security vulnerabilities while satisfying user privacy. When it comes to dealing with byod and its attendant risks, the best defense may be a good offense. Dont mandate security solutions without engaging users first otherwise employers risk losing productivity from nearly 50%. Reducing the risks of byod in the enterprise free pdf. Bring your own device byod and acceptable use policy security of information, and the tools that create, store and distribute that information are vital to the longterm health of our. Effects of bring your own device byod on cyber security. Best practices to make byod, cyod and cope simple and. Like in other industries, use of mobile devices is prevalent in healthcare. Byod, security controls, nac, mdm, mam, virtualization. What are the main drivers and benefits of byod for. Nov 05, 2017 despite concerns about bring your own device byod security risks, employees over the past years have enjoyed the multiple benefits of byod. Bring your own device byod is one of the most complicated headaches for it departments because it exposes the entire organization to huge security risks.
Overcoming challenges, creating effective policies, and mitigating risks to maximize benefits. Cisco mconcierge 201 9 smartphone security practices personal smartphone usage at work varies within socalled sensitive industries, or sectors that come with greater expectations of privacy and security. According to a recent survey by harris interactive and eset, more than 80% of employed adults use some kind of personally owned electronic device for. Apr 03, 2018 how to write a good security policy for byod or companyowned mobile devices. With these new changes come new security risks, so how do we address them.
Understanding the security risks of byod adoption in the workplace including liability, ramifications, security breaches, data storage and retrieval. Indeed, organizations are exposed to risks such as the loss or theft of sensitive information, malware targeting mobile devices including the increasingly popular android operating system as well as the ease with which attackers can access confidential business information. Byod risks and rewards how to keep employee smartphones, laptops and tablets secure by gerhard eschelbeck, chief technology officer. So too have employers, who are unlikely ever to stop staff from bringing their own devices to work or using them remotely for work purposes.
Holding off from adopting a byod policy is an uphill battle. Apr 05, 2017 to understand device security, its critical to have some measure of control and management over devices, which is a particular challenge in the modern bring your own device byod world. They may also do it to save money by eliminating the need for company plans and devices. Analysis of security controls for byod bring your own device. Guide to enterprise telework, remote access, and bring.
How to write a good security policy for byod or companyowned mobile devices. Here are the ways your organization can address the five biggest byod security risks. How to write a good security policy for byod or company. White paper best practices to make byod, cyod and cope simple and secure. Sep 23, 2014 currently, were working on a fourth byod security capability. Foster a culture of awareness around byod security and privacy through periodic newsletters, emails, intranet posts, etc. Your security policy should address the common risks of byod. Those industries for the purposes of this study included healthcare, legal and banking sectors. Users guide to telework and bring your own device byod. An informed user is more likely to buy into byod security requirements. Ten tips for securing devices and reducing byod risks.
259 1224 467 757 225 1398 1009 1659 193 1432 772 1316 1449 24 821 288 29 1012 1019 910 898 170 896 1206 1219 1247 124 281 683 1351 27 1481 1180