The traditional desktop computer is no longer the only device we use to get work done. For the past few years workers have increasingly begun to use their own smartphones and tablets for work. According to a study carried out by Tech Pro Research, 74% of businesses allow, or are planning to allow, their employees to bring their own devices to the office.
Despite the benefits to companies, such as being able to communicate easier with the employee when they aren’t at their workstation, security remains a priority and with the culture of BYOD (Bring Your Own Device), it’s important to keep on top of it.
The variety of devices used in the workplace, and the resulting loss of control held by the business, means that cybercriminals are able to take advantage of the many vulnerabilities in mobile devices to access the company’s network.
The National Cybersecurity Institute of Spain, the INCIBE, has advised businesses of the dangers that they face when adopting a BYOD culture and have therefore suggested some measures to avoid such threats.
So, instead of asking your employees to remove their work email from their mobile devices, the best thing you can do is follow the tips given by the INCIBE which will better protect your employees’ devices and guarantee the confidentiality of your company’s information.
-
Assign someone to be in charge of managing the devices
You need to give the responsibility to a member of the IT department to make it easier to control. If you company is small, you can contract an external service or one on the cloud.
-
Give support to all platforms possible
The IT department of the business has to guarantee technical support for all devices used by employees so as they can work in a safe an effective manner.
-
Educate about security
The first people who need to be aware of the vulnerabilities of their devices are the workers. Therefore, INCIBE recommends training them so that they know not to visit certain websites and that they are conscious of the risks involved with installing applications.
-
Keep on top of updates and avoid localization
Updating all of the applications and operating systems on the devices is a basic necessity – old versions of Android are exposed to a whole host of vulnerabilities. Deactivating the GPS is another tip that you should pass on to your employees, so as to avoid someone being able to localize them.
-
Keep your information secure
If an employee accesses relevant documents from their mobile device, it’s possible to add an extra password or encrypt the device so as to stop cybercriminals from getting their hands on the information.
-
Control access to highly confidential information
Give out ID cards (PIVs) and restrict access to confidential information to only those who need it for their daily work.
-
BYOD isn’t suitable for all businesses
In some networks, such as industrial control systems, it isn’t advisable for employees to use their own devices.
-
Be careful with external devices
Our mobiles leave traces and things such as Find My iPhone or Android’s administrator options help us to find them easily. We can also use these tools to control which devices are accessing our network and stop our information from being spied on from outside parties.