The reality is that many people are already bringing their own devices to work, whether sanctioned or not. As byod has become increasingly common and awareness of security. While it is impossible to guarantee byod security, following these recommendations will help organizations to mitigate byod risks by securing devices. Bring your own device byod is one of the most complicated headaches for it departments because it exposes the entire organization to huge security risks. However, security issues are slowing the adoption of byod. These tips should serve as a byod security best practices guide for end users and itsecurity teams alike. This whitepaper explains the risks and rewards of byod, and shows you how you can adopt byod in your workplace while protecting your data. Top security risks of implementing a byod policy and how to. Getting that sales contact information backed up off the mobile device and onto the company crm system is a priority.
In addition, this paper introduces the byod policy and management practices at verizon wireless as an organizational case study for analysis and recommendations on how to mitigate security risks. Find out the best way to keep smartphones and tablets safe from hackers and the dangers of public wifi and usb ports. Top security risks of implementing a byod policy and how. Holding off from adopting a byod policy is an uphill battle. The it guide to handling byod security risks in the workplace. Attackers are quick to exploit design flaws or architectural weaknesses that can be used to steal data, sabotage networks or siphon funds. Like in other industries, use of mobile devices is prevalent in healthcare. How to write a good security policy for byod or companyowned.
Without a coherent, comprehensive strategy for byod, cyod or cope, encompassing both policy and. Indeed, organizations are exposed to risks such as the loss or theft of sensitive information, malware targeting mobile devices including the. Jan 02, 2019 solutions to byod physical security risks if you cant stop remote employees from using their own devices, the only option is to embrace the practice and control access to information. They may also do it to save money by eliminating the need for company plans and devices. However, byod has also heightened security risks for organizations. With corporate data on a personal device, it is especially important that organizations. Many tech providers offer byod security solutions that address security vulnerabilities while satisfying user privacy.
Sep 14, 2016 byod bring your own device is the policy where employeeowned devices are used in a business. But at the same time, byod faces a fair amount of criticism, with lax security at the forefront of concerns. The 2016 byod and mobile security report focuses on these security challenges and offers fresh insights on the state of mobile threats and solutions. This paper focuses on two key byod security issues. Jul 29, 2016 each telework device is controlled by the organization, a third party such as the organizations contractors, business partners, and vendors, or the teleworker. The risks of social media in the workplace in addition to the risks of byod, there is an increasing risk from the use of social media, both by the organisation and by its employees individually. In the past five years alone, weve seen a number of significant shifts in technology and workplace culture. For it security teams, the new risks typically include security vulnerabilities. It needs to mandate the use of uptodate security software on all devices, ensure that all locallystored. An analysis of the key risks and how existing control mechanisms address them is also conducted. Overcoming challenges, creating effective policies, and mitigating risks to maximize benefits. Sep 23, 2014 currently, were working on a fourth byod security capability. Here are the ways your organization can address the five biggest byod.
Guide to enterprise telework, remote access, and bring. Theres no silver bullet for byod security, but in this article, enterprise information security pros share their strategies for. Todays enterprises struggle to balance byod risks and rewards. Your security policy should address the common risks of byod. Smartphones are the most common device used in byod settings, although laptops, tablets, and usb drives are also commonly brought into the workplace. Cisco mconcierge 201 9 smartphone security practices personal smartphone usage at work varies within socalled sensitive industries, or sectors that come with greater expectations of privacy and security. The ico also highlights the byod risks associated with increased monitoring at work by the technical measures that the company could put in place in order to ensure the security of the company.
Nov 05, 2017 despite concerns about bring your own device byod security risks, employees over the past years have enjoyed the multiple benefits of byod. Guide to enterprise telework, remote access, and bring your own device byod security. The number of external devices that can now connect to a company that implements a byod policy has allowed for a proliferation of security risks. What are the main drivers and benefits of byod for. Dont mandate security solutions without engaging users first otherwise employers risk losing productivity from nearly 50% of employees acknowledge the employees byod concerns and personal privacy when setting mobile security policy by using a. Ten tips for securing devices and reducing byod risks. How to write a good security policy for byod or companyowned mobile devices.
Byod, offers productivity benefits that are hard to ignore. Addressing the 5 biggest security risks ccb technology. According to a 20 ernst and young study on byod, about 22% of all mobile devices produced will be lost or stolen during their lifetime and about 50% of all these lost or stolen devices will never be recovered. Those industries for the purposes of this study included healthcare, legal and banking sectors. If you want to show potential clients around your premises, you want to be welcoming and allow them to connect to your network, but you also need to show that your company has tight. Currently, were working on a fourth byod security capability.
According to a 20 ernst and young study on byod, about 22% of all mobile devices produced will be. Despite concerns about bring your own device byod security risks, employees over the past years have enjoyed the multiple benefits of byod. Bringing down security risks with a byod encryption policy. How to write a good security policy for byod or company. An analysis of the key risks and how existing control mechanisms. The challenge remains to identify security risks associated. Cisco identity services engine ise is the technology behind this capability. Jun 21, 20 how byod brings security risks into corporate networks. So too have employers, who are unlikely ever to stop staff from bringing their own devices to work or using them remotely for work purposes. Ensure that the management team is aware of the risks, including insider threats, and has included byod in broader risk management. This ebook identifies areas of concern and outlines the steps you can take to protect company. Indeed, organizations are exposed to risks such as the loss or theft of sensitive information, malware targeting mobile devices including the increasingly popular android operating system as well as the ease with which attackers can access confidential business information.
Cisco mconcierge 201 9 smartphone security practices personal smartphone usage at work varies within socalled sensitive industries, or sectors that come with greater expectations of privacy and. Cisco mconcierge international association of privacy. When it comes to dealing with byod and its attendant risks, the best defense may be a good offense. Many company security breaches result from lost or stolen devices. According to a recent survey by harris interactive and eset, more than 80% of employed adults use some kind of personally owned electronic device for. Reducing the risks of byod in the enterprise free pdf. Apr 03, 2018 how to write a good security policy for byod or companyowned mobile devices. Pdf formats, word documents, and video in particular pose risks.
Here are the ways your organization can address the five biggest byod security risks. Byod, security controls, nac, mdm, mam, virtualization. Apr 05, 2017 to understand device security, its critical to have some measure of control and management over devices, which is a particular challenge in the modern bring your own device byod world. Ensure that the management team is aware of the risks, including insider threats. Attackers are quick to exploit design flaws or architectural weaknesses. Bring your own device byod policies are making a significant impact on the workplace. Your own device byod initiatives whereby employees use their own mobile devices to perform work tasks the security risks have increased significantly and the need for effective mobile security technologies is greater than ever. How cisco it designed a secure byod architecture cisco. We will control access based on device identity, connection type, and network access privilege. These tips should serve as a byod security best practices guide for end users and it security teams alike. Users guide to telework and bring your own device byod security. People can inadvertently download a malicious app, click on a malicious.
Foster a culture of awareness around byod security and privacy through periodic newsletters, emails, intranet posts, etc. Effects of bring your own device byod on cyber security. Users guide to telework and bring your own device byod. How byod brings security risks into corporate networks. To understand device security, its critical to have some measure of control and management over devices, which is a particular challenge in the modern bring your own device. Bring your own device byod an information security. Apr 06, 2018 byod provides opportunities for organizations to improve productivity, efficiency, and agility of a mobile workforce.
Malicious software malware also threatens device and data security. Jun 01, 2018 bring your own device byod is one of the most complicated headaches for it departments because it exposes the entire organization to huge security risks. An informed user is more likely to buy into byod security requirements. Bring your own device byod is a rapidly growing trend in businesses concerned with information technology. Best practices to make byod, cyod and cope simple and. Your own device byod initiatives whereby employees use their own mobile devices to perform work tasks the security risks have increased significantly and the need for effective mobile security. Xss where hacker code is injected into web pages and downloads onto the device when the page is loaded into the browser. Bring your own device byod and acceptable use policy security of information, and the tools that create, store and distribute that information are vital to the longterm health of our. Byod risks and rewards how to keep employee smartphones, laptops and tablets secure by gerhard eschelbeck, chief technology officer. Bring your own device byod is a current industry trend that allows employees to use their personal devices such as laptops, tablets, mobile phones and other devices, to connect to the internal network. Zdnet says security is the most common reason for businesses for avoiding. Without a coherent, comprehensive strategy for byod, cyod or cope, encompassing both policy and technology, an organization can face significant risks from security and compliance gaps to escalating it complexity.
Employers create byod policies to meet employee demands and keep employees connected. To give you more of an idea, here are the top security risks of implementing a byod policy. Understanding the security risks of byod adoption in the workplace including liability, ramifications, security breaches, data storage and retrieval. With these new changes come new security risks, so how do we address them. Each telework device is controlled by the organization, a third party such as the organizations contractors, business partners, and vendors, or the teleworker. Best practices to make byod, cyod and cope simple and secure.
The national institute of standar ds and technology lists these high level threats and vulnerabilities of mobile devices. White paper best practices to make byod, cyod and cope simple and secure. Dont mandate security solutions without engaging users first otherwise employers risk losing productivity from nearly 50%. For most companies, it makes sense to embrace the byod trend and capitalize on the benefits it offers, such as increased employee productivity and greater. Find out the best way to keep smartphones and tablets safe from hackers and the dangers of public wifi and. The ultimate guide to byod bring your own device in 2020. A user who does not understand their companys byod security policy is an instant vulnerability. Analysis of security controls for byod bring your own device. Byod presents a unique list of security concerns for businesses implementing byod policies.
Again, you can block xss on your own network, but not on the devices of your employees. To effectively manage byod, security managers need to define new strategies to manage the resulting risks. Byod provides opportunities for organizations to improve productivity, efficiency, and agility of a mobile workforce. It needs to mandate the use of uptodate security software on all devices, ensure that all locallystored data is backed up on a regular basis and include a procedure allowing you to remotely wipe devices that are lost or stolen.
551 1418 327 1224 1373 7 57 1482 216 157 903 1253 1364 743 382 1217 221 1134 1115 86 118 1361 328 944 1206 666 470 54 235 854 104