On the Inside: How to Reduce Insider BYOD Threats
Are you considering adding BYOD to your business mix? Have you considered how you will reduce insider BYOD threats? If not, keep reading.
A policy wherein employees work on their own mobile devices is a classic case of “on the one hand..., on the other hand.”
On the one hand, it cuts a company’s costs. No longer does the employer have to pay for mobile devices and training. On the other hand, unless security policies are formulated, laid out, and firmly enforced, BYOD is a potential open door to data and hardware theft.
On the one hand, employees enjoy using devices with which they are already familiar. It’s also nice not to have to juggle two phones or tablets. On the other hand, should they be lax in following security measures, they can face consequences ranging from discipline to dismissal. It all depends on their employer’s BYOD policy.
If your company is considering adopting BYOD, there are steps you can take right from the start. The first might very well be sizing up the pluses and minuses and deciding it’s not your cup of tea. And that’s fine. But should you think it just might work, consider the following policy tips. These will help you reduce insider BYOD threats.
Decide who does what
Decide whom employees will turn to for support: their wireless carriers or your IT staff. (Oops, we didn’t mention it at the start, but BYOD can mean a heavier workload for your IT staff.) If IT will be providing support, establish hours and procedures. Make it very clear to employees that they are to follow IT security advisements and that their devices will be subject to inspection.
Establish a BYOD policy
Formulating a policy can take a lot of time. And it should! Your company’s future could be at stake should it fall victim to ransomware or stolen data. The policy should include:
- Which employees are eligible for BYOD and the conditions that apply
- Whether or not employees will be reimbursed for usage and, if so, for what portion
- What type of company information employees can access and store on their devices
- Which apps and interfaces they can use to access information
- Procedures to be immediately implemented should a device be lost or stolen
Look after your system
There may be some areas for which you want to forbid BYOD access, such as sensitive client information or file shares. Setting up a separate dedicated virtual private network (VPN) can restrict access to protected data. Coming at it from the opposite angle, you can set up a separate network for BYOD devices to access designated areas. A secured Wi-Fi network could work quite well since it would have no access to internal networks or documents.
Mandate and monitor security measures
It always pays to go the extra mile when your cybersecurity is at stake. Have your IT staff apply the following security settings to every device in use:
- Password entry
- Automatic device wipe should too many incorrect passwords be entered
- Encryption of all company data
- Anti-malware and virus protection
If the recent WannaCry ransomware attack taught us anything, it’s how critical it is that users update their computers as soon as an update or security patch is issued. Mandate that employees update their devices as soon as an update is available. To facilitate this, require that all devices be set to look for and install updates periodically. If you have mobile device management (MDM) in place, it will take care of this.
Mobile device management
Mobile device management solutions are a way to optimize cybersecurity. Once users register their devices, you can establish settings and controls including designating which devices can and cannot access the system. MDM also lets you block or allow specific apps, disallow microSD card usage, or disable camera functions.
On the one hand, setting up all these security measures may seem like a lot of work. On the other hand, it’s nothing compared to what you’d have to do should even one careless employee leave things to chance. Ask Target, Yahoo or any of the WannaCry ransomware victims.