The familiarity with, and customisation of, an employee’s own personal device has been shown – in various research – to be a better working tool than the standard company desktop. However, if not managed correctly, BYOD can represent a new, and severe risk to your IT security.
BYOD involves allowing your staff to conduct their work using their own computer or mobile device, this can be on or off premises. Permitting external devices to access your network is an integral part of BYOD.
This raises the issue of data protection and the GDPR. BYOD allows for additional channels to the data you hold on your corporate network, whether that be on servers you own or in the cloud. Data that you are legally obliged to protect with sufficient safeguards. These increased legal risks are another reason why SMBs must take precautions.
Sensitive business data or private client/customer data can potentially be exposed if devices are lost or stolen. The personal online habits of your employees can also increase your network’s vulnerability to viruses, phishing, or hacking schemes designed to steal such data.
Effective Mobile Device Management or MDM is critical to ensure all employee devices are configured, deployed, managed and monitored in a manner that prioritises data integrity and security.
It must clearly be outlined what specific devices are permitted for work use and employees must understand that employers still have access to the content stored on these devices.
As the business owner, you must have the ability to remotely delete company-sensitive data from mobile devices without the device owner’s permission. Remote deletion capabilities are much more refined these days; simplifying the removal of enterprise-related data from devices, while leaving other content like personal photos, contacts, apps and music downloads intact.
Lastly, it’s worth noting that it’s not just your data that needs to be considered either. Employee privacy should be discussed within the BYOD policy since employees often use these devices to check personal email, browse or post to Facebook and Twitter feeds, instant message, and store personal documents, photos, music and movie downloads.
We would encourage any company that is either considering introducing a BYOD policy or reviewing an existing one to get in touch with us to ensure your business is protected whilst also being able to enjoy the many benefits BYOD offers.