With BYOD, security risk is hard to avoid completely. The reason is obvious. Non-work-issued devices are loaded with software, apps, and links that have not been vetted by your company’s cybersecurity team.
When you allow employees to access your network through their own smartphones, tablets, and home computers, you run the risk of:
- Data Loss—when an employee’s device gets lost, stolen, or damaged. The information they’ve stored locally on their device can be lost forever.
- Third-Party Software Attacks—when cyber thieves download malware onto software at the platform level, affecting all users. It’s impossible to monitor every app or program an employee has loaded on a personal device.
- Malware and Jailbreaking—when employees click bad links that download malware, or when thieves use the third-party software to bypass your network security systems
- Unsecured wifi—when hackers use man-in-the-middle attacks and break into your system through unsecured wifi. When an employee logs in while a hacker has control of the wifi, their afternoon spent working at the local coffee shop can turn dangerous, and put their data and yours at risk.
With all that in mind, our first BYOD security tip is simply understanding that a liberal device policy does come hardwired for risk. Fortunately, they are risks that can be mitigated. And the bottom line benefits of BYOD are too good for most organizations to ignore.
Risk vs. Reward: Can BYOD Save Your Company Money?
In a word, yes. And that’s why companies are willing to invest in BYOD security. Remote work is improving productivity, increasing employee satisfaction, and saving companies money, every day. Employees working remotely at least 60 to 80 percent of their time get more done over the course of the day.(source: Gallup) All that extra work can add up. A recent study by Flipjet estimates that mobile workers put in an extra 240 hours of work every year, a benefit that net companies an average of $5,114 a year, per employee.
Cisco calculates the savings a bit more conservatively. They compared organizations with “company-issued” cell phones versus BYOD companies offering their employees cell phone service stipends. Turns out, the BYOD companies saved between $300 and $1300 a year per employee.
This is the good news and the real untold story when it comes to BYOD. Making it easy for your employees to work from anywhere should be a key part of your business strategy. Let’s dig into our favorite BYOD security strategies.
Take These Steps Now to Enhance Your BYOD Security
The modern workplace journey is taking many companies into the cloud, and this is a boon for remote work security. You now have more tools than ever to keep BYOD devices safe. Here’s how they work.
1. Move Your Network to the Cloud
Companies like Microsoft have been migrating its operations to the cloud now for quite some time. Now, companies can stream Microsoft Office applications and many others live over the internet with Windows 365. Microsoft has announced it will be taking its entire operating system into the cloud with Microsoft Windows 365 Cloud PC. Here at Integris we were one of the first MSPs to work with this program and we’re here to tell you, it’s great. It eliminates the majority of security issues with BYOD because the security is in the cloud. When employees log in with a cloud PC, they get their full desktop experience right down to the screensaver, on any device.
2. Password Protection
The first step in protecting your network is to require passwords on all devices and applications. Remember the basics of password protection:
- Passwords between 8-12 characters, including a combination of letters, numbers, and special characters
- Never recycle old passwords
- Use a different password for each device and application
- Use a password manager like 1Password
- Only share passwords via a password manager, which will allow access to files through an autogenerated password instead without revealing the original password.
3. Restrict Permissions and Data Access
Make sure each employee only has the authorization to access the data, applications, and files that are needed to perform his or her job. Restrict access to sensitive data to only authorized users. Doing this reduces the damage caused by a bad actor’s infiltration of a personal device.
4. Routine Back-Ups
Make sure you have a system in place to reliably back up all data on each device. This makes restoring files and information far easier if a device is damaged, lost, or stolen.
5. Protect Each Device with Antivirus Software
Each device that accesses your network needs to be protected with a rigorous anti-virus platform. Remember the best way to remediate a breach is to make sure it never happens in the first place.
6. Blacklist Prohibited Applications
Blacklisting means blocking certain applications that are known to be malicious. Some social networking and file-sharing sites may fall under this category.
7. Cybersecurity Education
Your employees are the gatekeepers of your network security. Make sure you give them the tools they need to protect your network. Cybersecurity training is an effective way to educate your teams about the importance of BYOD security.
Adopting A BYOD Policy
Now that we’ve talked about our favorite tips, it’s important to take all those tips and turn them into actionable policy. Your MSP or IT department should be able to help you finalize your policies. Here is a free template we like to use, Download it for free here. If you are a healthcare company, you’ll have even more considerations, as personal healthcare records have to be rigorously protected. But not to worry. We have a HIPAA version of this free sample BYOD policy, available for free download, too.
Have your employees read the policy, sign a copy for his or her file, and keep a copy. The BYOD policy will help protect you if a breach should happen, and that breach is traced to an employee who is not following the policy.
How Integris Can Help with BYOD Security
If you’ve read all this, and you’re ready to get to work on your own BYOD policy, Integris can help. We can help you create and implement the BYOD policies, from antivirus to password protection and multi-factor authentication, that will keep your employees’ devices and your network secure.
Find out how Integris can help you take advantage of the BYOD landscape, safely. Contact us today.