The BYOD Security Risk Introduction The introduction of mobile devices in the workplace has been on the rise and there is no denying that these devices are transforming how companies do business. This has introduced the BYOD or Bring Your Own Device model in the workplace and its becoming more popular every day. BYOD is a policy that accepts employees bringing personally owned mobile devices to their workplace and using them to access company data such as email, file servers and databases as well as their personal applications and data.
But as data transmissions increase with these devices so does the chances of them being hacked and the burden of successfully managing the mobile devices is laid upon the IT departments. One of the real underlying issue with BYOD and mobile security is the that people in IT, compliance and internal audit aren’t willing to stick their necks out and try to enforce their mobile security policies or enforce an effective Enterprise Mobility Management solution. First Section Title goes here
Enterprise Mobility Management can be described as the set of people, processes and technology focused on managing the increasing array of mobile devices, wireless networks, and related services to enable broad use of mobile computing in a business context. Enterprise Mobility can be broken down into 2 parts Mobile Application Management and Mobile Device Management. In short Mobile Application Management or MAM is the use of secure application to connect employees to Crop data and the application secures the data from other apps on your phone.
It’s time to ignore the standard approved device list, locking down corporate apps, and enforcing mobile device policy. The risk of a CIO or IT department failing to implement a suitable solution for their mobile device network is very real. It’s time to explore new ideas to effectively manage a mobile device network via the Enterprise Mobility platform. The invasion of mobile device’s into the workplace is going to happen weather industry leaders want them to or not, and smarter companies are looking to deploy Enterprise Mobility strategies before they are overrun.
Third Section title goes here Adapting security and management for the new generation of mobile devices is turning out to be a huge corporate challenge. The Company Thomson Reuters like many companies is struggling to find which enterprise mobility management and security systems for their mobile device network consisting of mostly IPads and IPhones. Thomson Reuters has introduced the BYOD approach to its users to but not without a signed document requiring employees to surrender their device to IT if necessary if detection of negligent use.
The problem with BYOD is that current IT, compliance and internal audits departments need to “Get With It” and enforce their mobile security policies. The threat of a security breach with mobile devices is real and large companies need to realize it and find the balance between usability and security. And it’s not just large companies and corporations that are being affected the BYOD model or the user of mobile devices in the workplace. Small business in the last several years and most businesses found mobile devices useful.
But few small businesses are a where of the significances of an adequate mobile device management solution. A survey was conducted by CDW of 753 mobile device users and IT professionals from July 2012 to June 2012. The survey found that 79% of the small businesses deployed smart-phones to some of their employees but 67% of IT managers in the survey are unfamiliar with Enterprise Mobility Management software. The use or knowledge of mobile device management is virtually non-existent in small businesses.
Fourth Section title goes here Not only is the lack of preparation by IT departments a problem in posing a security risk, but the devices and the applications on them pose a security risk. Bit9 did a research study analyzing the security permissions of Androids 400,000 apps and found over 100,000 posed a security risk. 72% of them use at least one high-risk permission and 26% access personal data such as gps location, email, and contacts information.
Even some basic apps like wallpaper apps ask for gps data and should be a red flag to users. Having these apps on your Android mobile device along with company date could be a serious problem. Especially since the average user doesn’t read the information pertaining to the app their installing. Fifth Section title goes here Furthermore the mobile devices themselves can be lost or stolen and if the data is not encrypted it can be accessed. In less than two years, from September 22, 2009 through May8, 2011, the U. S.
Department of Health and Human Services (HHS) Office for Civil Rights (OCR) indicates that 116 data breaches of 500 records or more were the direct result of the loss or theft of a mobile device, exposing more than 1. 9 million patients’ PHI. Sixty-four percent of physicians own smartphones and 30 percent of physicians have an iPad, with another 28 percent planning to buy one within six months, according to a recent Manhattan Research study. If one of these devices with patient information was lost without any type of enterprise mobility management software the patient data can be exposed.
Conclusion In conclusion businesses can save money by letting employee’s buy their own devices, IT departments need to implement secure, efficient ways to let employees, contractors and guests gain access to the corporate network, while protecting data and applications. It takes a proactive approach to solve this BYOD problem and IT departments need to educate themselves on an enterprise mobility solution as mobile devices in the workplace is only going to play a larger role. Being able to manage and secure your mobile device network should be a priority of an IT Department.