The Current Climate of BYOD
The Bring Your Own Device era is in full effect.
Millions of people access work data on a company server using their own personal mobile devices. But security teams are paid to worry, and many question the wisdom of allowing employees to use their own phones/laptops/tablets for work.
However, they’ve learned to deal with this new reality forced upon them. Putting in place stringent company-wide rules backed up by MDM solutions to exercise a certain degree of control, will hopefully mitigate the consequential risks imposed by using privately-owned devices. Though of course, the logistics will always be difficult to manage, especially when employees use more than a single device. But those are just minor annoyances. The more complicated concern is that despite all the efforts to teach best practices, there will always be employees that will continue to be careless which leaves their devices exposed to attackers, and in turn, their employers’ data.
Even when the savviest of your employees conduct themselves according to the book, they may still accidentally expose corporate information. Individuals downloading apps from a third-party resource can fall prey to attackers who have demonstrated their ability to infiltrate malicious apps that hide themselves. Earlier this fall, for example, researchers found that hidden malicious apps were downloaded more than 2 million times from the Google Play Store. We’re talking about a primary app vendor here; the potential risk when a user accesses a third-party site is even greater.
Here are a few tips to help prevent any unwanted BYOD-related woes within your company.
On the Employee Side
- Try not to let your mobile apps get out of date. Most patches are due to developers dealing with new vulnerabilities. Don’t ignore patches and updates!
- Stick with the major trusted vendors and stores when downloading apps. Opting to download an app from an unfamiliar site poses very real risks in today’s cyber climate.
- Use mobile security apps to keep your device and data secure
- Take note if your phone’s battery drains faster than normal; it could be due to unwanted background processes. This could always be a sign that you have malicious programs running in the background.
- Pay attention to your IT department’s email blasts and announcements!
On the Employer Side
- A comprehensive security suite. Such as a combination of the latest antivirus technology, advanced firewall, and web browser protection to protect your organization’s mobile devices and users against everyday threats. Preventing unauthorized access to sensitive corporate information is the top priority.
- Consider a mobile security solution with enterprise-level management so that administrators can centrally define and distribute security policies to mobile devices OTA.
- Use a mobile management solution that lets administrators secure and manage the organization’s mobile devices from a single management console
- Do systematic updates of content along with scheduled (background) or manual scanning of all devices.