We are living in a busy world and the use of personal mobile devices in everyday life is becoming more and more prevalent. Advancements in mobile devices and applications have made working on the go more convenient. As a result, employees are increasingly demanding 24x7 access to enterprise data from a wide range of personal mobile devices. Bring Your Own Device (BYOD) is becoming the rule rather than the exception in the modern workplace.
This growth demand for BYOD has become an issue for IT professionals. More employee-owned mobile devices in the workplace, particularly where those devices are unmanaged, can mean greater potential for data leaks. As IT professionals continue to search for solutions that can handle unmanaged devices, malware, and risky mobile apps, equally important are risky user behaviors.
In order to have a good plan of action when securing sensitive data organizations need to understand the risks associated with employee-owned device usage. These are four habits of BYOD users and how they can be detrimental to data protection.
Accessing unsecure networks
Accessing unsecured WiFi hotspots in places like Starbucks or an airport is not uncommon for many BYOD users. It can allow them to answer emails and check in online while on the go, but it also opens a door to potential data leakage. While some networks are password protected, many are not, potentially exposing personal and corporate traffic to packet sniffing.
BYOD users tend to upload files and information to mobile apps like Dropbox because it is easy to share and access. The problem with this is that organizations have no visibility into how corporate data is used once it has been uploaded to these apps. Bitglass’ Cloud Access Security Broker solution enables organizations to monitor data outflows to unsanctioned apps, enabling IT to quickly identify suspicious behavior on the corporate network.
Weak or reused passwords
Employees that use personal mobile devices tend to do little to nothing to protect their their device, regardless of company policies. In the case that a user's smartphone is lost or stolen, the data that is on it is now open to anyone, stressing the importance of basic password protection, encryption, or PIN codes.
Vulnerabilities in mobile phone software pose a major risk across all platforms and apps. Whether on iOS or Android, malicious users can easily take advantage of out-of-date software - potentially bypassing a user PIN or passcode or installing a malicious cert on the device. Users that avoid updating their devices and apps put themselves, and any corporate data accessed on these devices, at risk.
Implementing BYOD practices can boost productivity, increase employee satisfaction, and reduce corportate costs, but proper BYOD programs are needed. Your organization can make make BYOD work by balancing the risks and curbing unsafe user activity.