One area that has the potential to present problems – and getting a lot of attention – is internet technology and security, particularly when it comes to Bring Your Own Device (BYOD) policies and management. Younger workers are not only more likely to use and embrace technology, such as smartphones and tablets, than older workers, but surveys also indicate that they are also more likely to have definite ideas about how they want to use the technology and what they should be allowed to do. However, they may not realize the potential security risks of using their personal devices on the job. As a result, IT security departments are finding themselves in the unique position of embracing the technology, while also needing to find new methods of protecting sensitive company data and networks.
Younger Workers: A Security Risk?
The notion of a BYOD environment is gaining traction in many companies around the world. Whereas a few years ago, employees may have been provided with a cell phone, pager or other device to keep in contact with the office or conduct business on the road, these days, more and more employees are using their own devices to do work – in some cases, without a thorough understanding of company policy on using personal laptops or tablets, or the proper security protocols in place. Many companies have actually shifted to an employee-owned device model, pointing to the cost savings and increased productivity as positives, but allowing employees to use their own phones and tablets to access internal networks or conduct company business can raise serious security risks.
A 2012 study indicated that younger workers are a major reason for that risk. Of the more than 3,800 workers between the ages of 20 and 29 that were surveyed, almost 75% said that they used their own devices for work, even if company policy prohibited it. One reason for that, perhaps, is more than half of the users indicated that they believe using their own device is a right, not a privilege – and most believe that it is their employer’s responsibility to protect the network. In other words, many younger workers think that they should be able to use their own devices regardless of the risks, and it is essentially their employer’s fault if there is a security breach or data loss as a result.
Because younger workers often want to use their own devices at work – and in fact may not know any other way – it’s more important than ever for IT security professionals to find ways to protect sensitive company data from malicious attacks that are inadvertently allowed in through personal mobile devices.
What You Can Do
Since younger workers are an important part of the workforce and personal mobile devices aren’t going away any time soon, what can a concerned company do? Experts recommend taking these steps to secure your network and keep your data safe:
· Develop a comprehensive BYOD and Mobile Device Management policy. The policy should cover, at minimum, acceptable use, security and monitoring protocols, protocols in the event of loss or theft and consequences for failing to adhere to guidelines and restrictions.
· Implement security measures, including automatic device security updates, multiple layers of authentication and early warning systems for security breaches. A secure firewall and virus protection isn’t enough; when multiple devices and carriers are added to the mix, you need to have a plan for keeping all of the devices up-to-date and free of dangerous malware, viruses and other security risks.
· Educate employees on company policies and expectations. Make the dangers clear, and outline the potential consequences of using devices inappropriately. Often, employees simply do not understand how their behaviour will impact their employer.
In some cases, particularly when extremely sensitive data is at risk, organizations may not allow employees to use their own devices at all. However, as the trend is growing and more and more workers expect to be able to use the devices they are familiar with, it’s important to assess the risks and develop a plan for managing them and protecting data – while also keeping employees connected and productive.
Image from Flickr’s Creative Commons
About the Author: Janet Combs is an internet security manager for a large insurance carrier in the northeast. She was recently involved in the overhaul of her company BYOD policy, and conducted extensive research into the general differences in technology adoption. Her findings will be presented at an upcoming internet security conference.
Scouring the internet for mobile tech, news & tips!