According to a recent article in the Huffington Post, nearly half of all robberies in San Francisco are smartphone thefts. These aren’t just simple thefts of someone picking up the phone sitting on the table at a café or bar, but phones being ripped from a person’s hand as they are in the middle of a conversation and armed robberies that specifically want the phone.
As a smartphone owner, a story like this is almost enough to make me want to leave the phone at home, or at least not use it in public places. Smartphone users now must battle in-person criminals as well as cybercriminals.
A survey of 4,000 full-time employees by technology consulting firm Ovum found that while nearly 70 percent of all smartphone-owning professionals are using their personal device to access corporate data, 80 percent of BYOD activity remains inadequately managed by IT departments. The survey found nearly half of the IT departments of the respondents’ employers either did not know of BYOD or were ignoring its existence, operating a “don’t ask, don’t tell” policy, while just 8.1 percent actively discouraged it.
There are a lot of articles out there that will give you steps and ideas on how to implement BYOD security practices, but I think that before you can implement something, you have to get people at all levels to understand why it is needed. Why isn’t BYOD activity adequately managed and do employees know the risks involved, and what they can lose (and I’m not just talking about the phone itself)?
As Ovum senior analyst Richard Absalom said in a statement quoted by eWeek:
BYOD multiplies the number of networks, applications and endpoints through which data is accessed. These are the three main points at which data is vulnerable; so, if left unmanaged, BYOD creates a huge data security risk.