Tech Pro Research says, 74% of organizations have already adopted or are on their way to adopting the Bring Your Device culture into their organizations.
This BYOD culture has become the phenomenon over which the efficiency of an enterprise’s mobility hinges. 53% of employees who use their devices at work, for work related purposes, say it helps them be better at their jobs. This spike in efficiency means companies get an equivalent of $5,114 worth of extra work, per annum, from these employees.
On the other hand, Dimension Data states, 71% of the global organizations they reviewed named data security as their biggest enterprise mobility concern.
IT security companies are scrambling to bring a solution to the market that could completely protect the enterprise’s mobility network from cybercriminals. However, such a solution has not yet been developed. Partial solutions like MAM, MDM, MTM (mobile threat management) etc. are still not effective at covering all the gaping holes the BYOD culture exposes an enterprise’s network to.
Until a comprehensive enterprise mobility security solution is developed, organizations will have to adopt several security solutions and best practices to shield themselves from cyber-attacks. Securing the mobile devices that connect to the enterprise’s network is the first, and the most logical, step.
Improving BYOD Security to Protect the Enterprise Network
You don’t want to stop your employees from using their personal mobile devices to access the company’s network and information. But, you don’t want the security threats it exposes your corporate network to, either.
What should you do?
Implement strong end point security measures, is what you should do.
After your enterprise’s mobility security solution, end point security measures are your first line of defense. These measures will reduce the chances of cyber attacks via malware and viruses through insecure 3rd party applications on an employee’s personal device.
Set clear guidelines for personal device security and make it mandatory for every employee to comply.
Here are a few BYOD policies from PCM Canada that you can enforce to reduce the chances of cyber attacks through your employee’s personal collection of apps:
1. Do not Allow Jail broken and Rooted Devices to Connect to the Corporate Network
Most mobility security suites consider jail broken and rooted devices compromised in terms of security. Because such devices bypass the manufacturer’s safeguards, they are even more vulnerable to malware, viruses and other hacks than contract devices.
If these devices connect to the corporate network, a virus or malware piggy backing on the device can easily be unleashed into it. Once done, it will be a doorway into the network for any hacker to exploit.
2. Enforce Screen Lock Passwords
This may seem trivial, but you would be surprised by how many people do not put screen lock patterns or pass-codes on their smart devices. Making it that much easier for data thieves to siphon sensitive data from their devices.
This is precisely why many mobile security suites can force an employee to keep a screen password. But, if yours doesn’t have that feature, then make sure you enforce this simple, yet crucial, policy.
3. Install Anti-Virus
Anti-viruses still go a long way in protecting a device from certain common viruses. Make sure all your employees install an anti-virus program that is compatible with mobile management suite.
4. Anti-Spyware Software
Every employee device should have an anti-spyware software that protects against malwares. Indications of malware in your system are excessive pop-ups when you browse, system lag, random error message and new toolbars installed into your browser without your consent etc. Malwarebytes and Spybot Search and Destroy are very good at finding obscure malware.
5. Use Automatic Updates for Trusted Applications
Common applications like Google Chrome, Mozilla Firefox, iTunes etc can have vulnerabilities. These organizations cover these vulnerabilities by issuing security patches to them. Ensure that all devices that connect to the corporate network have updated security patches from trusted sources.
6. Encrypt Files and Online Traffic
Use a simple file encrypting solution like 7ZIP to compress and password protect important files that you send over the internet. Use VPNs to protect your internet communications.
7. Secure Online Activities
Instruct your employees to only browse to websites that can be trusted. Only access a website it its address starts with https://. To secure browsing activities further, instruct employees to install the Tor Browser on their devices. Tor hides browsing activities by routing the device’s traffic through the Tor Network.
8. Create Backups
Protect from data loss by creating backups of both personal and corporate information. Creating backups let you mitigate the increasing threats of ransomware and aggressive malware that erase your data after stealing it. Back up your information using products like Google Drive, OneDrive, DropBox etc.
9. Keep Different Passwords for Different Accounts
Most people keep the same password across multiple accounts – business and personal alike. Don’t make it easier for hackers to hack all your accounts at once. Strongly discourage this practice and ensure that your employees have different, strong passwords for each account – no matter what service it may be. Encourage the use of password managing tools like LastPass, so that they don’t forget any of their passwords.
10. Install Remote Wipe Capabilities
Every device that connects to your organization’s network should be outfitted with remote wipe capabilities in case the physical device itself is stolen. This way, in the unfortunate event of device theft, sensitive data can be immediately erased by activating remote wipe. This ensures that sensitive corporate data never falls into the wrong hands.
The BYOD is a significant new trend that brings a plethora of security concerns and management issues. Employees want the freedom to bring their own devices to work; therefore it falls on you to maintain a secure environment not just for your employees but for your stakeholders and customers as well.
Implementing mobile security solutions in tandem with best practices to enhance mobility security at the device level boost the overall security of your corporate network.
Introducing the above guidelines to your workforce will go a long way in protecting your network from security breaches that originate from the BYOD phenomenon.