Cisco Systems surveyed more than 600 IT leaders and found that more than 40% of smartphones connected to company networks are owned by the employees.
BYOD (Bring your Own Device) can have IT, security, as well as executive management up in arms since it can surrender control of valuable company assets outside of the corporation. When a trusted and valuable employee loses their device or becomes a former employee and walks out the door with his own device, it can cause myriad problems.
A recent white paper produced by Osterman Research found BYOD is now more common than employees using company-supplied devices. In addition, the survey of 760 individuals found widespread use of third-party, cloud-based storage and file synchronization services that was “sometimes used with IT’s blessing, but more often not.”
Osterman Research identifies some of the benefits with BYOD, which includes making employees more efficient and “possibly lower IT costs and improved employee morale.” The paper also enumerates several potential pitfalls with BYOD including:
• infecting corporate networks with malware
• data breaches
• major legal and regulatory issues
To attempt to manage the growth of BYOD, Osterman Research makes several recommendations. The most obvious is to have an explicit BYOD policy.
The first step to developing a BYOD policy is management must have a thorough understanding of the risks and benefits of this growing phenomenon. Policies should protect the organization that may include listing approved devices, operating systems, and third-party services, such as cloud storage, which should include encryption. In addition to educating users on best and acceptable practices, there are many mobile device management technologies that can go a long way in protecting company data.
- Know when to leverage BYOD and when to forget it (zdnet.com)
- The State of SMB Security: BYOD and Security Violations on the Rise (virtual-strategy.com)
- 5 Reasons to BYOD to Work (techie-buzz.com)
- BYOD governance, security and privacy issues (net-security.org)