The bring your own device fear factor

Backpack with staff laptopIt’s official: businesses that allow mobile workers are in the majority. In fact, they’re the overwhelming majority.

A survey found that nine out of ten small and medium-sized businesses have some kind of remote workforce

At the same time, the ‘bring your own device’ (BYOD) trend has emerged. Some companies allow employees to choose their own IT equipment (like laptops, tablets and smart phones) rather than imposing standard models on them. Others actively encourage staff to bring in their own equipment.

There are some extra security risks involved if you decide to encourage BYOD. But even if you’re not actively encouraging BYOD, it’s vital you stay aware of the dangers, because it’s likely some employees will use their own equipment – whether you like it or not.

Here are five tips to help you stay secure, even when employees are using their own equipment:

  • Accept the inevitable. Most employees will log onto the company network via their personal devices even if they are told they shouldn't. More than 50% of employees use portable devices to take confidential data out of their companies every day.
  • Offer convenience as well as security. If your security policy is overly cumbersome or inconvenient, staff will find a way around it. Don't underestimate the ingenuity of employees looking to circumvent procedures that slow them down.
  • Provide the right equipment. It’s all very well to say that your staff must encrypt any USB memory sticks they use, but unless you actually supply encrypted memory sticks, you’ll find staff using their own, unencrypted ones anyway.
  • Pay attention to the small things. Losing a £5 memory stick can cost your business more than losing a laptop. That’s because data on a memory stick is less likely to be encrypted. Staff are more likely to just replace the memory stick quietly and carry on as if nothing has happened.
  • Your staff are your best defence. The most efficient way to prevent security problems is to train your employees on good security practices. Everyone should learn how to recognise phishing attacks, dodgy websites, fake adverts and other infection sources.

This article was written by Nick Banks, head of EMEA and APAC at Imation Mobile Security.

More on this topic: