Are We Secure Enough for Mandatory BYOD?

Sue Marquette Poremba

Gartner recently released a study finding that by 2017, BYOD in the workplace is going to be mandatory.

Slide Show

The Ten Commandments of BYOD

Whether Gartner is correct in its assessment, I do not know. Four years is a long time, and technology changes so fast. Who even knows what we’ll be using for our computing in 2017.

What I do know is that BYOD is growing stronger, and if we do become a BYOD workforce in the coming years, we better start thinking a lot harder about mobile security. I mean, thinking outside the box of what we would normally think about with mobile device security. As a PC World article said, if you are smart with the basic security practices – primarily downloading apps only from trusted sources – you already have a leg up on security.


However, security goes beyond malicious apps and putting good AV software on your device of choice. As we know, the bad guys are getting smarter, so we have to protect against that. The PC World piece stated:

Lookout recently identified the BadNews malware family, which disguised itself as an everyday ad network to sneak 32 apps into Google Play, and then began acting maliciously only after those apps had been downloaded between 2 million and 9 million times. Built-in app store security doesn't protect against trickery like that.

But there is more to security than malware or falling for phishing schemes, which, the PC World article pointed out, is a serious problem for those on iOS platforms. It is also about the physical security of your device. (And based on some of the news stories I’ve seen and personal stories I’ve heard, personal security is also an issue, as thieves have become quite bold about ripping the phone right out of your hand.) How well protected is the device if it is stolen or lost? What is on your phone that could put you or your company at risk and how well is that protected?

The ideal security setup is to password-protect and lock the device, but surveys show that the majority of users aren’t doing that. After that, the device should have remote wipe, but that isn’t a fool-proof security method either. According to computer forensics experts, deleted data lingers in your phone or tablet, just like it does on your computer, and devices to extract that data are cheap and easily available online.

If we are going to be a BYOD workforce in the not-too-distant future, then IT and security departments are going to have to dig in deeper and harder when it comes to security policies. And frankly, in my opinion, if there will be any deterrent to the mandatory BYOD workforce, security might be it.



Add Comment      Leave a comment on this blog post
May 17, 2013 11:43 AM Swarna Swarna  says:
Interestingly, a survey recently conducted by Symantec (the company I work for) found that 83 percent of the organizations surveyed already allow employees to use personally owned devices for business use. However, nearly 60 percent reported their organizations do not yet give employees access to the same apps on BYOD devices as they do on corporate-owned devices. So, to your point, Sue, while BYOD is growing in popularity it appears to not have full trust and confidence among IT leaders just yet. I think we’ll see this change over the next four years, though, as more companies learn to trust the technology available to secure and manage personally-owned mobile devices, such as mobile application management. For anyone interested, you can read more about our survey here: http://www.symantec.com/connect/blogs/survey-despite-security-incidents-byod-worth-risks. Swarna Podila Symantec Reply

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

null
null

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.