Getting Serious About BYOD Security

Sue Marquette Poremba

Maybe it is because it is spring and people don’t want to be tied down to their desks after a long winter, but it seems like BYOD – and in turn, BYOD security – is being discussed a lot more lately.

Slide Show

Survey Exposes Concerns About Employee Privacy for BYOD

I especially liked reading TechRepublic’s list of BYOD nightmares, even though only a few of the issues concerned security. But those issues are good reminders – make sure all BYOD includes an app for remote wipe in case of theft or loss (and theft has become a serious problem, especially for smartphones), the importance of not storing your passwords on the device, and remembering that smartphones and tablets are just as susceptible to viruses and malware as desktop computers. One thing the article missed in its suggestions was making sure the device is password protected. Having a remote wipe app isn’t enough to protect a device that is lost or stolen. Owners should have an extra level of protection to make it more difficult for someone to get into the device before it can be wiped. (And it is also important to make sure the device goes back to locked status quickly after use. Yes, it is easier to have it wait a few minutes, but if your device is picked up moments after you last used it, having password protection is pointless.)

I’ve seen some interesting twists to the BYOD conversation, however. I noticed today that another acronym has been added to the BYO group – BYOL, or bring your own liabilities. An article in discusses why it is important to have a solid BYOL policy in place if your company also incorporates BYOD:

The policy needs to cover things like the type of devices that can be used by employees, access rights, support arrangements, tracking and monitoring and remote wiping. Much of the policy will not, in fact, directly address legal issues. Having a clear policy will, however, assist in reducing legal exposure.

Legal liabilities seem to be one of those areas that get skipped over in the BYOD discussion. The concern, and rightly so, is on making sure the corporate data is safe and secure, but as the article pointed out, BYOD can expose data without the corporation even being aware, adding a new level of risk to data security.

This concern for BYOL could be a reason why network access control (NAC) is making a bit of a comeback, according to eSecurity Planet:

NAC allows companies to see what is connecting to their networks, and control which parts of the network employees and guests can access with their mobile devices.

BYOD isn’t going anywhere, but it appears that companies and security experts are getting a better handle on promoting security for a changing workforce.

Add Comment      Leave a comment on this blog post
May 12, 2013 5:29 PM Steve McGee Steve McGee  says:
According to eMarketer, in 2012 U.S. 63.2% of Millenials access the Internet from mobile devices. This is great news for most industries such as renewable energy due to the constant travel of maintenance reps. Staff needs to be on the road to service existing customers, install new equipment or troubleshoot malfunctions. Being able to have mobile access to real-time information across operations while outside of the office, empowers staff to set their own schedules and make better and more timely judgment calls. I think that IT managers have to welcome BYOD and be more flexible. Reply

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.